Live Chat Software by Kayako |
Últimas Atualizações
|
Jun 27 |
ProApps Security IDS Rules Changelog 2017-06-27
Postado por Rafael Honorato on 27/Jun 15:18
|
[***] Summary 2017-06-27 [***] Total added rules: 477 Total modified rules: 3666 Total removed rules: 30 [***] ProApps Security IDS Rules Changelog started Mon Jun 26 16:33:52 2017 [***] [+++] Added rules: 38 [+++] 2024425 - ProApps TROJAN OSX OceanLotus Checkin (trojan.rules) 2024426 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a CnC Beacon (mobile_malware.rules) 2024427 - ProApps TROJAN Naoinstalad Checkin (trojan.rules) 2024428 - ProApps TROJAN Powershell/Unknown CnC Checkin (trojan.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826860 - ProApps CURRENT_EVENTS Successful Adobe ID Phish Jun 26 2017 (current_events.rules) 2826861 - ProApps CURRENT_EVENTS Successful American Express Phish Jun 26 2017 (current_events.rules) 2826862 - ProApps CURRENT_EVENTS Successful American Express Phish M1 Jun 26 2017 (current_events.rules) 2826863 - ProApps CURRENT_EVENTS Successful American Express Phish M2 Jun 26 2017 (current_events.rules) 2826864 - ProApps CURRENT_EVENTS Successful American Express Phish M3 Jun 26 2017 (current_events.rules) 2826865 - ProApps CURRENT_EVENTS Successful American Express Phish M4 Jun 26 2017 (current_events.rules) 2826866 - ProApps TROJAN W32.Unknown Checkin (trojan.rules) 2826867 - ProApps CURRENT_EVENTS Successful Apple ID Phish Jun 26 2017 (current_events.rules) 2826868 - ProApps CURRENT_EVENTS Successful ATT Phish Jun 26 2017 (current_events.rules) 2826869 - ProApps CURRENT_EVENTS Successful Banco do Brasil Mobile Phish Jun 26 2017 (current_events.rules) 2826870 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay SMS Exfil (mobile_malware.rules) 2826871 - ProApps TROJAN Chthonic Zip/JS Download Attempt (trojan.rules) 2826872 - ProApps CURRENT_EVENTS Successful Santander Phish M1 Jun 26 2017 (current_events.rules) 2826873 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 159 (mobile_malware.rules) 2826874 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 160 (mobile_malware.rules) 2826875 - ProApps CURRENT_EVENTS Successful Santander Phish M2 Jun 26 2017 (current_events.rules) 2826876 - ProApps CURRENT_EVENTS Successful Santander Phish M3 Jun 26 2017 (current_events.rules) 2826877 - ProApps TROJAN Win32/Androm.nmwm Reporting Infection via SMTP (trojan.rules) 2826878 - ProApps CURRENT_EVENTS Successful Paypal Phish Jun 26 2017 (current_events.rules) 2826879 - ProApps TROJAN Win32/Alureon CnC Beacon (trojan.rules) 2826880 - ProApps MALWARE Win32/Packed.FlyStudio.AA CnC Beacon (malware.rules) 2826881 - ProApps CURRENT_EVENTS Possible Successful Generic Brasil Banking Phish Jun 26 2017 (current_events.rules) 2826882 - ProApps CURRENT_EVENTS Successful Santander Phish M4 Jun 26 2017 (current_events.rules) 2826883 - ProApps CURRENT_EVENTS Successful Santander Phish M5 Jun 26 2017 (current_events.rules) 2826884 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 12 (mobile_malware.rules) 2826885 - ProApps CURRENT_EVENTS Successful Santander Phish M6 Jun 26 2017 (current_events.rules) 2826886 - ProApps CURRENT_EVENTS Successful Santander Phish M7 Jun 26 2017 (current_events.rules) 2826887 - ProApps CURRENT_EVENTS Successful Santander Phish M8 Jun 26 2017 (current_events.rules) 2826888 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jun 26 2017 (current_events.rules) 2826889 - ProApps TROJAN Win32.Cybergate RAT SQLite DL (trojan.rules) 2826890 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jun 26 2017 (current_events.rules) 2826891 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Jun 26 2017 (current_events.rules) 2826892 - ProApps CURRENT_EVENTS Successful Paypal Phish (DE) Jun 26 2017 (current_events.rules) [+++] Modify rules: 202 [+++] 2013290 - ProApps POLICY MOBILE Apple device leaking UDID from SpringBoard via GET (policy.rules) 2023553 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a Checkin (mobile_malware.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2803760 - ProApps TROJAN Worm.Win32.AutoTsifiri.n DNS Tunnel (trojan.rules) 2825226 - ProApps TROJAN Helminth/Oilrig CnC Beacon 2 (trojan.rules) 2826593 - ProApps TROJAN Possible Chthonic DNS Lookup (trojan.rules) 2826837 - ProApps TROJAN KaroCrypt Ransomware Onion Domain (trojan.rules) 2826840 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ij / SmsThief SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826842 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ij / SmsThief SMS/Contact Exfil via SMTP 3 (mobile_malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Jun 23 16:54:16 2017 [***] [+++] Added rules: 33 [+++] 2024420 - ProApps TROJAN MalDoc Retrieving Malicious Payload (Possibly Ursnif) (trojan.rules) 2024421 - ProApps ATTACK_RESPONSE Possible BeEF HTTP Headers Inbound (attack_response.rules) 2024422 - ProApps CURRENT_EVENTS Amazon Phish Landing Jun 22 (current_events.rules) 2024423 - ProApps TROJAN x0Proto File Contents Exfil Request (trojan.rules) 2024424 - ProApps TROJAN x0Proto File Info Request (trojan.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826835 - ProApps MOBILE_MALWARE Android/Clicker.HA Checkin (mobile_malware.rules) 2826836 - ProApps MOBILE_MALWARE Android/Clicker.HA Checkin 2 (mobile_malware.rules) 2826837 - ProApps TROJAN KaroCrypt Ransomware Onion Domain (trojan.rules) 2826838 - ProApps CURRENT_EVENTS Magnitude EK (magnigate) Jun 23 2017 (current_events.rules) 2826839 - ProApps TROJAN Win32/Unk.Dropper Checkin (trojan.rules) 2826840 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ij / SmsThief SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826841 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ij / SmsThief SMS/Contact Exfil via SMTP 2 (mobile_malware.rules) 2826842 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ij / SmsThief SMS/Contact Exfil via SMTP 3 (mobile_malware.rules) 2826843 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 8 (mobile_malware.rules) 2826844 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Contact Exfil via SMTP 6 (mobile_malware.rules) 2826845 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 8 (mobile_malware.rules) 2826846 - ProApps TROJAN Win32/Mail.ru Downloader PUA (trojan.rules) 2826847 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 157 (mobile_malware.rules) 2826848 - ProApps TROJAN DNS Query to Cerber Domain (15qq4s . top) (trojan.rules) 2826849 - ProApps TROJAN DNS Query to Cerber Domain (asd3r3 . win) (trojan.rules) 2826850 - ProApps TROJAN DNS Query to Cerber Domain (16l1zt . top) (trojan.rules) 2826851 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 158 (mobile_malware.rules) 2826852 - ProApps TROJAN DNS Query to Cerber Domain (1gy9bo . top) (trojan.rules) 2826853 - ProApps TROJAN DNS Query to Cerber Domain (17rm9b . top) (trojan.rules) 2826854 - ProApps TROJAN DNS Query to Cerber Domain (1apgrn . top) (trojan.rules) 2826855 - ProApps TROJAN DNS Query to Cerber Domain (1k6bas . top) (trojan.rules) 2826856 - ProApps TROJAN DNS Query to Cerber Domain (o8hpwj . top) (trojan.rules) 2826857 - ProApps TROJAN DNS Query to Cerber Domain (1azkux . top) (trojan.rules) 2826858 - ProApps TROJAN DNS Query to Cerber Domain (12uzfa . top) (trojan.rules) 2826859 - ProApps TROJAN DNS Query to Cerber Domain (179tnk . top) (trojan.rules) [+++] Modify rules: 160 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2808934 - ProApps MOBILE_MALWARE Android.Trojan.AgentSpy.P SMS Exfil (mobile_malware.rules) 2825132 - ProApps TROJAN Win32/TinyNuke CnC Checkin (trojan.rules) 2826834 - ProApps MALWARE Downloader.NSIS.AdLoad Activity (malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Jun 22 16:43:51 2017 [***] [+++] Added rules: 11 [+++] 2024419 - ProApps TROJAN FF-RAT Stage 1 CnC Checkin (trojan.rules) 2826825 - ProApps TROJAN DNS Query for known malicious URL thisaintpc .com (trojan.rules) 2826826 - ProApps TROJAN wellfopay .ru CnC Checkin (trojan.rules) 2826827 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 156 (mobile_malware.rules) 2826828 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 1) (trojan.rules) 2826829 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 2) (trojan.rules) 2826830 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 3) (trojan.rules) 2826831 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 4) (trojan.rules) 2826832 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-21 5) (trojan.rules) 2826833 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (TGlaTFNVdUtKN1NrZU51NFF2SGRZdDhmQ1N3amhpMXpwRDp4) (trojan.rules) 2826834 - ProApps MALWARE Downloader.NSIS.AdLoad Activity (malware.rules) [+++] Modify rules: 161 [+++] 2020786 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 85 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2808934 - ProApps MOBILE_MALWARE Android.Trojan.AgentSpy.P SMS Exfil (mobile_malware.rules) 2825656 - ProApps TROJAN W32.Gotrat.de Checkin 2 (trojan.rules) 2825657 - ProApps TROJAN W32.Gotrat.de Checkin (trojan.rules) [+++] Removed rules: 4 [+++] 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Wed Jun 21 16:45:52 2017 [***] [+++] Added rules: 11 [+++] 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826815 - ProApps TROJAN CoinMiner Downloader Retrieving Payload (trojan.rules) 2826816 - ProApps TROJAN MSIL/Injector.SKQ InfoStealer CnC Checkin (trojan.rules) 2826817 - ProApps TROJAN W97M.Downloader attempting to retrieve payload (trojan.rules) 2826818 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 154 (mobile_malware.rules) 2826819 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 155 (mobile_malware.rules) 2826820 - ProApps TROJAN Malicious SSL certificate detected (Ursnif Injects) (trojan.rules) 2826821 - ProApps TROJAN Malicious SSL certificate detected (Ursnif Injects) (trojan.rules) 2826822 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.e CnC Beacon 4 (mobile_malware.rules) 2826823 - ProApps MOBILE_MALWARE Android.Trojan.Downloader.IJ CnC Beacon (mobile_malware.rules) 2826824 - ProApps MOBILE_MALWARE Android/TrojanDropper.Agent.AZQ / Android.Triada Checkin (mobile_malware.rules) [+++] Modify rules: 167 [+++] 2014726 - ProApps POLICY Outdated Flash Version M1 (policy.rules) 2024379 - ProApps POLICY Outdated Flash Version M2 (policy.rules) 2024404 - ProApps EXPLOIT HP Printer Attempted Path Traversal via PJL (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2821023 - ProApps TROJAN Win32/Neutrino Bot Malicious SSL Certificate Detected (trojan.rules) 2825511 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.bd Checkin (mobile_malware.rules) 2825656 - ProApps TROJAN W32.Gotrat.de Checkin 2 (trojan.rules) 2825657 - ProApps TROJAN W32.Gotrat.de Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Jun 20 16:37:50 2017 [***] [+++] Added rules: 18 [+++] 2024416 - ProApps WEB_CLIENT BeEF HTTP Get Outbound (web_client.rules) 2024417 - ProApps TROJAN Fake Windows Scam ScreenLocker (trojan.rules) 2024418 - ProApps TROJAN DragonOK KHRAT Downloader Receiving Payload (trojan.rules) 2826800 - ProApps TROJAN Win32.Dinwod CnC Beacon (trojan.rules) 2826801 - ProApps TROJAN MSIL/Unk.Stealer CnC Checkin (trojan.rules) 2826802 - ProApps TROJAN MSIL/IRCBot.BH CnC Beacon (trojan.rules) 2826803 - ProApps MOBILE_MALWARE Android/Triada.DZ Checkin (mobile_malware.rules) 2826804 - ProApps MOBILE_MALWARE Android/Triada.DZ Checkin 2 (mobile_malware.rules) 2826805 - ProApps TROJAN Win32/CoinMiner.AGW Downloader Requesting Payload (trojan.rules) 2826806 - ProApps MOBILE_MALWARE Trojan-Dropper.AndroidOS.Triada.d Checkin 3 (mobile_malware.rules) 2826807 - ProApps MOBILE_MALWARE Trojan-Dropper.AndroidOS.Triada.d Checkin 4 (mobile_malware.rules) 2826808 - ProApps MOBILE_MALWARE Android.Trojan.Triada.EY Checkin (mobile_malware.rules) 2826809 - ProApps MOBILE_MALWARE Android.Trojan.Triada.EY Checkin 2 (mobile_malware.rules) 2826810 - ProApps TROJAN Mole Ransomware Onion Domain (trojan.rules) 2826811 - ProApps TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2826812 - ProApps TROJAN Erebus Ransomware Onion Domain (trojan.rules) 2826813 - ProApps EXPLOIT HP Printer Remote Code Execution Attempt (exploit.rules) 2826814 - ProApps MOBILE_MALWARE Android.Trojan.SmsSpy.LP CnC Beacon (mobile_malware.rules) [+++] Modify rules: 162 [+++] 2022893 - ProApps MALWARE MSIL/Adload.AT Beacon (malware.rules) 2024404 - ProApps EXPLOIT HP Printer Attempted Path Traversal via PJL (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 1 [+++] 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Mon Jun 19 16:53:40 2017 [***] [+++] Added rules: 28 [+++] 2024405 - ProApps TROJAN Possible Pegasus Related DNS Lookup (secure-access10 .mx) (trojan.rules) 2024406 - ProApps TROJAN Possible Pegasus Related DNS Lookup (network190 .com) (trojan.rules) 2024407 - ProApps TROJAN Possible Pegasus Related DNS Lookup (mymensaje-sms .com) (trojan.rules) 2024408 - ProApps TROJAN Possible Pegasus Related DNS Lookup (smscentro .com) (trojan.rules) 2024409 - ProApps TROJAN Possible Pegasus Related DNS Lookup (ideas-telcel .com.mx) (trojan.rules) 2024410 - ProApps TROJAN Possible Pegasus Related DNS Lookup (twiitter .com.mx) (trojan.rules) 2024411 - ProApps MOBILE_MALWARE Android.Dropper.Abd Checkin (mobile_malware.rules) 2024412 - ProApps EXPLOIT Possible SharePoint XSS (CVE-2017-8514) Inbound (exploit.rules) 2024413 - ProApps CURRENT_EVENTS CVE-2017-0199 Common Obfus Stage 2 DL (current_events.rules) 2024414 - ProApps CURRENT_EVENTS RIG EK Broken/Filtered Payload Download Jun 19 2017 (current_events.rules) 2024415 - ProApps WEB_CLIENT Possible BeEF Module in use (web_client.rules) 2826783 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 152 (mobile_malware.rules) 2826784 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 153 (mobile_malware.rules) 2826785 - ProApps MOBILE_MALWARE Trojan-PSW.AndroidOS.Inazun.h CnC Beacon (mobile_malware.rules) 2826786 - ProApps MOBILE_MALWARE Trojan-PSW.AndroidOS.Inazun.h CnC Beacon 2 (mobile_malware.rules) 2826787 - ProApps TROJAN Unknown Targeted MSIL Payload CnC Beacon (trojan.rules) 2826788 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.fh Contact Exfil via SMTP (mobile_malware.rules) 2826789 - ProApps TROJAN DNS Query to Cerber Domain (1p5fwl . top) (trojan.rules) 2826790 - ProApps TROJAN DNS Query to Cerber Domain (086ux2 . top) (trojan.rules) 2826791 - ProApps TROJAN DNS Query to Cerber Domain (12nwsv . top) (trojan.rules) 2826792 - ProApps TROJAN DNS Query to Cerber Domain (1gqrpq . top) (trojan.rules) 2826793 - ProApps TROJAN DNS Query to Cerber Domain (15u3kg . top) (trojan.rules) 2826794 - ProApps TROJAN DNS Query to Cerber Domain (11bwgu . top) (trojan.rules) 2826795 - ProApps TROJAN DNS Query to Cerber Domain (bcjl1h . top) (trojan.rules) 2826796 - ProApps TROJAN DNS Query to Cerber Domain (uwckha . top) (trojan.rules) 2826797 - ProApps TROJAN DNS Query to Cerber Domain (1gredn . top) (trojan.rules) 2826798 - ProApps TROJAN DNS Query to Cerber Domain (1aqq5k . top) (trojan.rules) 2826799 - ProApps TROJAN Win32/TrojanDownloader.Blocrypt Checkin 2 (trojan.rules) [+++] Modify rules: 198 [+++] 2018303 - ProApps CURRENT_EVENTS Possible iTunes Phishing Landing - Title over non SSL (current_events.rules) 2020332 - ProApps CURRENT_EVENTS Possible Dropbox Phishing Landing - Title over non SSL (current_events.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2815145 - ProApps CURRENT_EVENTS Possible Chase Phishing Landing - Title over non SSL (current_events.rules) [+++] Removed rules: 5 [+++] 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Fri Jun 16 16:58:16 2017 [***] [+++] Added rules: 28 [+++] 2024384 - ProApps EXPLOIT Samba Arbitrary Module Loading Vulnerability M2 (NT Create AndX .so) (CVE-2017-7494) (exploit.rules) 2024385 - ProApps CURRENT_EVENTS Possible iCloud Phishing Landing - Title over non SSL (current_events.rules) 2024386 - ProApps CURRENT_EVENTS Possible Google Docs Phishing Landing - Title over non SSL (current_events.rules) 2024387 - ProApps CURRENT_EVENTS Possible Docusign Phishing Landing - Title over non SSL (current_events.rules) 2024388 - ProApps CURRENT_EVENTS Possible Dropbox Phishing Landing - Title over non SSL (current_events.rules) 2024389 - ProApps CURRENT_EVENTS Possible Alibaba Phishing Landing - Title over non SSL (current_events.rules) 2024390 - ProApps CURRENT_EVENTS Possible Yahoo Phishing Landing - Title over non SSL (current_events.rules) 2024391 - ProApps CURRENT_EVENTS Possible Paypal Phishing Landing - Title over non SSL (current_events.rules) 2024392 - ProApps CURRENT_EVENTS Possible Excel Online Phishing Landing - Title over non SSL (current_events.rules) 2024393 - ProApps CURRENT_EVENTS Possible Free Mobile Phishing Landing - Title over non SSL (current_events.rules) 2024394 - ProApps CURRENT_EVENTS Possible AOL Mail Phishing Landing - Title over non SSL (current_events.rules) 2024395 - ProApps CURRENT_EVENTS Possible OWA Mail Phishing Landing - Title over non SSL (current_events.rules) 2024396 - ProApps CURRENT_EVENTS Possible OWA Mail Phishing Landing - Title over non SSL (current_events.rules) 2024397 - ProApps CURRENT_EVENTS Possible Facebook Help Center Phishing Landing - Title over non SSL (current_events.rules) 2024398 - ProApps CURRENT_EVENTS Possible Yahoo Phishing Landing - Title over non SSL (current_events.rules) 2024399 - ProApps CURRENT_EVENTS Possible Adobe PDF Phishing Landing - Title over non SSL (current_events.rules) 2024400 - ProApps CURRENT_EVENTS Possible DHL Phishing Landing - Title over non SSL (current_events.rules) 2024401 - ProApps CURRENT_EVENTS Possible Adobe ID Phishing Landing - Title over non SSL (current_events.rules) 2024402 - ProApps CURRENT_EVENTS Possible Facebook Phishing Landing - Title over non SSL (current_events.rules) 2024403 - ProApps CURRENT_EVENTS Possible Dropbox Phishing Landing - Title over non SSL (current_events.rules) 2024404 - ProApps EXPLOIT HP Printer Attempted Path Traversal via PJL (exploit.rules) 2826776 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Jun 12 2017 (current_events.rules) 2826777 - ProApps CURRENT_EVENTS Successful Mastercard Phish M1 Jun 16 2017 (current_events.rules) 2826778 - ProApps CURRENT_EVENTS Successful Mastercard Phish M2 Jun 16 2017 (current_events.rules) 2826779 - ProApps EXPLOIT CVE-2017-8543 SMB CPMSetBindings (exploit.rules) 2826780 - ProApps EXPLOIT CVE-2017-8543 SMB CPMGetRows (exploit.rules) 2826781 - ProApps EXPLOIT CVE-2017-8543 SMB2 CPMSetBindings (exploit.rules) 2826782 - ProApps EXPLOIT CVE-2017-8543 SMB2 CPMGetRows (exploit.rules) [+++] Modify rules: 4 [+++] 2018303 - ProApps CURRENT_EVENTS Possible iTunes Phishing Landing - Title over non SSL (current_events.rules) 2020332 - ProApps CURRENT_EVENTS Possible Dropbox Phishing Landing - Title over non SSL (current_events.rules) 2022886 - ProApps POLICY Crypto Coin Miner Login (policy.rules) 2815145 - ProApps CURRENT_EVENTS Possible Chase Phishing Landing - Title over non SSL (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Jun 16 11:00:01 2017 [***] [+++] Added rules: 2 [+++] 2826774 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 151 (mobile_malware.rules) 2826775 - ProApps TROJAN Win32/OmgTick CnC Beacon (trojan.rules) [+++] Modify rules: 167 [+++] 2024379 - ProApps POLICY Outdated Flash Version M2 (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 1 [+++] 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Thu Jun 15 18:22:51 2017 [***] [+++] Added rules: 23 [+++] 2826751 - ProApps TROJAN DNS Query to Sage Domain (17b3o . net) (trojan.rules) 2826752 - ProApps TROJAN DNS Query to Sage Domain (2igu316 . com) (trojan.rules) 2826753 - ProApps TROJAN DNS Query to Cerber Domain (1dvqvh . top) (trojan.rules) 2826754 - ProApps TROJAN DNS Query to Cerber Domain (1fel3k . top) (trojan.rules) 2826755 - ProApps TROJAN DNS Query to Cerber Domain (1aq4sz . top) (trojan.rules) 2826756 - ProApps TROJAN DNS Query to Cerber Domain (19s7gy . top) (trojan.rules) 2826757 - ProApps TROJAN DNS Query to Cerber Domain (9u3iy1 . top) (trojan.rules) 2826758 - ProApps TROJAN DNS Query to Cerber Domain (12gsjz . top) (trojan.rules) 2826759 - ProApps TROJAN DNS Query to Cerber Domain (1pymg3 . top) (trojan.rules) 2826760 - ProApps TROJAN DNS Query to Cerber Domain (13khiv . top) (trojan.rules) 2826761 - ProApps TROJAN DNS Query to Cerber Domain (1b8tmn . top) (trojan.rules) 2826762 - ProApps TROJAN DNS Query to Cerber Domain (135nt3 . top) (trojan.rules) 2826763 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 1) (trojan.rules) 2826764 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 2) (trojan.rules) 2826765 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 3) (trojan.rules) 2826766 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-06-14 4) (trojan.rules) 2826767 - ProApps CURRENT_EVENTS Successful Netflix Phish Jun 14 2017 (current_events.rules) 2826768 - ProApps CURRENT_EVENTS Successful Netflix Phish Jun 15 2017 (current_events.rules) 2826769 - ProApps CURRENT_EVENTS Successful Docusign Phish Jun 15 2017 (current_events.rules) 2826770 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 150 (mobile_malware.rules) 2826771 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP 2 (mobile_malware.rules) 2826772 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826773 - ProApps TROJAN Win32/Dynamer!ac Checkin (trojan.rules) [+++] Modify rules: 183 [+++] 2024338 - ProApps TROJAN Observed GET Request to Domain Hosting Malicious Payload (trojan.rules) 2024382 - ProApps TROJAN DPRK HIDDEN COBRA DDoS Handshake Success (trojan.rules) 2024383 - ProApps TROJAN DPRK HIDDEN COBRA Botnet C2 Host Beacon (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2823937 - ProApps CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules) 2826320 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 2 (mobile_malware.rules) 2826321 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 3 (mobile_malware.rules) 2826323 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 4 (mobile_malware.rules) 2826326 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot CnC Beacon (mobile_malware.rules) 2826356 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 5 (mobile_malware.rules) 2826362 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 6 (mobile_malware.rules) 2826505 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 7 (mobile_malware.rules) 2826506 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 8 (mobile_malware.rules) 2826677 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 9 (mobile_malware.rules) 2826678 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 10 (mobile_malware.rules) 2826705 - ProApps TROJAN Win32/Neshta.A Checkin (trojan.rules) 2826720 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 11 (mobile_malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Jun 14 16:56:43 2017 [***] [+++] Added rules: 11 [+++] 2024382 - ProApps TROJAN DPRK_HIDDEN_COBRA_DDoS_Handshake Success (trojan.rules) 2024383 - ProApps TROJAN DPRK_HIDDEN_COBRA_Botnet_C2_Host_Beacon (trojan.rules) 2826742 - ProApps CURRENT_EVENTS Successful Charles Schwab Client Center Phish M1 Jun 13 2017 (current_events.rules) 2826743 - ProApps CURRENT_EVENTS Successful Charles Schwab Client Center Phish M2 Jun 13 2017 (current_events.rules) 2826744 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 149 (mobile_malware.rules) 2826745 - ProApps TROJAN Ishtar Ransomware Checkin (trojan.rules) 2826746 - ProApps TROJAN Win32.Swisyn.fohg Checkin (trojan.rules) 2826747 - ProApps MOBILE_MALWARE Android.Trojan.FakeApp.AS Checkin (mobile_malware.rules) 2826748 - ProApps MOBILE_MALWARE Android.Trojan.FakeApp.AS CnC Beacon (mobile_malware.rules) 2826749 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jun 14 2017 (current_events.rules) 2826750 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jun 14 2017 (current_events.rules) [+++] Modify rules: 181 [+++] 2024379 - ProApps POLICY Outdated Flash Version M2 (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2820951 - ProApps MOBILE_MALWARE Android/TrojanDropper.Shedun.V Checkin 3 (mobile_malware.rules) 2826320 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 2 (mobile_malware.rules) 2826321 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 3 (mobile_malware.rules) 2826323 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 4 (mobile_malware.rules) 2826326 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot CnC Beacon (mobile_malware.rules) 2826356 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 5 (mobile_malware.rules) 2826362 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 6 (mobile_malware.rules) 2826505 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 7 (mobile_malware.rules) 2826506 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 8 (mobile_malware.rules) 2826677 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 9 (mobile_malware.rules) 2826678 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 10 (mobile_malware.rules) 2826705 - ProApps TROJAN Win32/Neshta.A Checkin (trojan.rules) 2826720 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin 11 (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2826740 - ProApps DOS SMB2 CPU exhaustion (CVE-2009-2526) (dos.rules) [***] ProApps Security IDS Rules Changelog started Tue Jun 13 16:48:32 2017 [***] [+++] Added rules: 38 [+++] 2024378 - ProApps TROJAN X-Malware-Sinkhole Header in HTTP Response (trojan.rules) 2024379 - ProApps POLICY Outdated Flash Version M2 (policy.rules) 2024380 - ProApps CURRENT_EVENTS Nemucod JS Downloader June 12 2017 (current_events.rules) 2024381 - ProApps CURRENT_EVENTS RIG EK URI Struct Jun 13 2017 (current_events.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826710 - ProApps CURRENT_EVENTS Successful OWA Phish Jun 12 2017 (current_events.rules) 2826711 - ProApps CURRENT_EVENTS Successful Navy Federal Credit Union Phish M1 Jun 12 2017 (current_events.rules) 2826712 - ProApps CURRENT_EVENTS Successful Navy Federal Credit Union Phish M2 Jun 12 2017 (current_events.rules) 2826713 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 147 (mobile_malware.rules) 2826714 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 148 (mobile_malware.rules) 2826715 - ProApps MOBILE_MALWARE Android GhostPush Checkin 8 (mobile_malware.rules) 2826716 - ProApps MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.bq CnC Beacon (mobile_malware.rules) 2826717 - ProApps MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.az CnC Beacon (mobile_malware.rules) 2826718 - ProApps MOBILE_MALWARE Trojan-Clicker.AndroidOS.Simpo.az CnC Beacon 2 (mobile_malware.rules) 2826719 - ProApps TROJAN Andromeda CnC 3 (trojan.rules) 2826720 - ProApps MOBILE_MALWARE Android BankBot Checkin 11 (mobile_malware.rules) 2826721 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 7 (mobile_malware.rules) 2826722 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Contact Exfil via SMTP 5 (mobile_malware.rules) 2826723 - ProApps TROJAN Win32/Filecoder CnC Beacon (trojan.rules) 2826724 - ProApps EXPLOIT Windows 10 LNK RCE (CVE-2017-8464) (exploit.rules) 2826725 - ProApps EXPLOIT Windows Device Guard Code Integrity Policy Security Feature Bypass Vulnerability (CVE-2017-0215) (exploit.rules) 2826726 - ProApps WEB_CLIENT MS Edge UAF (CVE-2017-8496) (web_client.rules) 2826727 - ProApps WEB_CLIENT Edge Type Confusion RCE Vuln (CVE-2017-8497) (web_client.rules) 2826728 - ProApps WEB_CLIENT Edge Type Confusion Vuln (CVE-2017-8524) (web_client.rules) 2826729 - ProApps WEB_CLIENT Print Preview Info Disclosure Vuln (CVE-2017-8529) (web_client.rules) 2826730 - ProApps WEB_CLIENT Print Preview Info Disclosure Vuln (CVE-2017-8547) (web_client.rules) 2826731 - ProApps EXPLOIT Adobe ATF Memory Corruption (CVE-2017-3078) (exploit.rules) 2826732 - ProApps EXPLOIT Adobe Flash Raster OOB M1 (CVE-2017-3079) (exploit.rules) 2826733 - ProApps EXPLOIT Adobe Flash Raster OOB M2 (CVE-2017-3079) (exploit.rules) 2826734 - ProApps EXPLOIT Adobe Flash Display List Structure UAF M1 (CVE-2017-3081) (exploit.rules) 2826735 - ProApps EXPLOIT Adobe Flash Display List Structure UAF M2 (CVE-2017-3081) (exploit.rules) 2826736 - ProApps EXPLOIT Adobe Flash Display List Structure UAF M3 (CVE-2017-3081) (exploit.rules) 2826737 - ProApps EXPLOIT Adobe Flash Memory Corruption (CVE-2017-3082) (exploit.rules) 2826738 - ProApps EXPLOIT Adobe Flash Primtime SDK UAF (CVE-2017-3083) (exploit.rules) 2826739 - ProApps EXPLOIT Adobe Flash AdvertisingMetadata UAF (CVE-2017-3084) (exploit.rules) 2826740 - ProApps DOS SMB2 CPU exhaustion (CVE-2009-2526) (dos.rules) 2826741 - ProApps EXPLOIT Windows IIS Webdav RCE (CVE-2017-7269) (exploit.rules) [+++] Modify rules: 171 [+++] 2014726 - ProApps POLICY Outdated Flash Version M1 (policy.rules) 2018028 - ProApps TROJAN W32/Madness Checkin (trojan.rules) 2024364 - ProApps SCAN Possible Nmap User-Agent Observed (scan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 32768 Group 1 (botcc.portgrouped.rules) 2826677 - ProApps MOBILE_MALWARE Android BankBot Checkin 9 (mobile_malware.rules) 2826678 - ProApps MOBILE_MALWARE Android BankBot Checkin 10 (mobile_malware.rules) 2826704 - ProApps TROJAN OSX/Spy.MacSpy DNS Query (trojan.rules) [+++] Removed rules: 1 [+++] 2024083 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Jun 12 17:03:14 2017 [***] [+++] Added rules: 24 [+++] 2024376 - ProApps EXPLOIT Win32/Industroyer DDOS Siemens SIPROTEC (CVE-2015-5374) (exploit.rules) 2024377 - ProApps CURRENT_EVENTS Generic Credit Card Information in HTTP POST - Possible Successful Phish Jun 12 2017 (current_events.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2826691 - ProApps MOBILE_MALWARE Android.Monitor.SpyApp.D Checkin 2 (mobile_malware.rules) 2826692 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 145 (mobile_malware.rules) 2826693 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 146 (mobile_malware.rules) 2826694 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lg SMS Exfil via SMTP (mobile_malware.rules) 2826695 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 4 (mobile_malware.rules) 2826696 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS Exfil via SMTP 3 (mobile_malware.rules) 2826697 - ProApps TROJAN Possible Win32/Jeefo.B Config DL (trojan.rules) 2826698 - ProApps TROJAN Win32/Jeefo.B Domain in SNI (trojan.rules) 2826699 - ProApps CURRENT_EVENTS Successful Apple Phish Jun 12 2017 (current_events.rules) 2826700 - ProApps CURRENT_EVENTS Successful TD Canada Phish Jun 12 2017 (current_events.rules) 2826701 - ProApps CURRENT_EVENTS Successful Wells Fargo Mobile Phish Jun 12 2017 (current_events.rules) 2826702 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey Contact Exfil via SMTP 3 (mobile_malware.rules) 2826703 - ProApps TROJAN Unknown sending info via SMTP (trojan.rules) 2826704 - ProApps TROJAN OSX/Spy.MacSpy DNS Query (trojan.rules) 2826705 - ProApps TROJAN Win32/Kryptik.FQUU Checkin (trojan.rules) 2826706 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish Jun 12 2017 (current_events.rules) 2826707 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 5 (mobile_malware.rules) 2826708 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk SMS Exfil via SMTP (mobile_malware.rules) 2826709 - ProApps INFO Data Submitted to Weebly.com - Possible Successful Phish (info.rules) [+++] Modify rules: 199 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2816492 - ProApps CURRENT_EVENTS Successful Apple Phishing Mar 2 (current_events.rules) 2826234 - ProApps POLICY Known Vulnerable Intel AMT Version Detected Outbound (policy.rules) 2826593 - ProApps TROJAN Possible Chthonic DNS Lookup (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Jun 9 16:49:28 2017 [***] [+++] Added rules: 14 [+++] 2024369 - ProApps TROJAN PLATINUM Dipsind CnC Beacon (trojan.rules) 2024370 - ProApps CURRENT_EVENTS Successful Poste Italiane Phish Jun 08 2017 (current_events.rules) 2024371 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) Phish Jun 09 2017 (current_events.rules) 2024372 - ProApps CURRENT_EVENTS Successful BBVA Phish Jun 09 2017 (current_events.rules) 2024373 - ProApps TROJAN Win32/Spectre Ransomware CnC Checkin (trojan.rules) 2024374 - ProApps CURRENT_EVENTS Successful Apple Phish Jun 09 2017 (current_events.rules) 2024375 - ProApps INFO Possible Successful Hostinger Generic Phish Jun 09 2017 (info.rules) 2826684 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 144 (mobile_malware.rules) 2826685 - ProApps MOBILE_MALWARE Android/Monitor.Spyoo.L CnC Beacon (mobile_malware.rules) 2826686 - ProApps CURRENT_EVENTS MalDoc Retrieving Payload June 09 2017 (current_events.rules) 2826687 - ProApps CURRENT_EVENTS Successful Santander Phish Jun 09 2017 (current_events.rules) 2826688 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS Exfil via SMTP 2 (mobile_malware.rules) 2826689 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 4 (mobile_malware.rules) 2826690 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.san Reporting via SMTP (mobile_malware.rules) [+++] Modify rules: 169 [+++] 2003657 - ProApps TROJAN Suspicious User-Agent (MSIE) (trojan.rules) 2018044 - ProApps CURRENT_EVENTS Successful Visa Phish (current_events.rules) 2018304 - ProApps CURRENT_EVENTS Successful iTunes Phish (current_events.rules) 2019781 - ProApps CURRENT_EVENTS Successful AOL/PayPal Phish (current_events.rules) 2020803 - ProApps CURRENT_EVENTS Successful GoogleFile Phish (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2823165 - ProApps TROJAN Win32/RediModiUpd/Matrix Banker CnC Checkin (trojan.rules) 2825226 - ProApps TROJAN Helminth/Oilrig CnC Beacon 2 (trojan.rules) [+++] Removed rules: 7 [+++] 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405066 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405067 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Thu Jun 8 17:08:17 2017 [***] [+++] Added rules: 40 [+++] 2024364 - ProApps SCAN Possible Nmap User-Agent Observed (scan.rules) 2024365 - ProApps CURRENT_EVENTS Tech Support Phone Scam Landing (warning.mp3) Jan 24 2017 (current_events.rules) 2024366 - ProApps TROJAN OpenSSH in ICMP Payload - Possible Covert Channel (trojan.rules) 2024367 - ProApps CURRENT_EVENTS Bingo EK Payload Download (current_events.rules) 2024368 - ProApps WEB_SPECIFIC_APPS OTRS Installation Dialog (after auth) attempt (web_specific_apps.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405059 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405060 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405061 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405062 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405063 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405064 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405065 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405066 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405067 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826659 - ProApps TROJAN APT19 Cobalt Strike Checkin (trojan.rules) 2826660 - ProApps CURRENT_EVENTS Successful Secured Docs Phish Jun 07 2017 (current_events.rules) 2826661 - ProApps CURRENT_EVENTS Successful Verified by Visa Phish Jun 07 2017 (current_events.rules) 2826662 - ProApps CURRENT_EVENTS Blockchain Phishing Landing Jun 07 2017 (current_events.rules) 2826663 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jun 08 2017 (current_events.rules) 2826664 - ProApps CURRENT_EVENTS Successful American Express Phish Jun 08 2017 (current_events.rules) 2826665 - ProApps CURRENT_EVENTS Apple Phishing Landing Jun 08 2017 (current_events.rules) 2826666 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Jun 08 2017 (current_events.rules) 2826667 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Jun 08 2017 (current_events.rules) 2826668 - ProApps CURRENT_EVENTS Successful Apple Phish M3 Jun 08 2017 (current_events.rules) 2826669 - ProApps CURRENT_EVENTS Successful Netlix Phish Jun 08 2017 (current_events.rules) 2826670 - ProApps CURRENT_EVENTS Successful DHL Phish Jun 08 2017 (current_events.rules) 2826671 - ProApps CURRENT_EVENTS DHL Phishing Landing Jun 08 2017 (current_events.rules) 2826672 - ProApps CURRENT_EVENTS Successful Adobe/Dropbox Phish Jun 08 2017 (current_events.rules) 2826673 - ProApps CURRENT_EVENTS Successful Apple Phish Jun 08 2017 (current_events.rules) 2826674 - ProApps TROJAN Possible Carbanak JScript CnC Beacon (trojan.rules) 2826675 - ProApps TROJAN Hana Checkin (trojan.rules) 2826676 - ProApps TROJAN Hana CnC Beacon (trojan.rules) 2826677 - ProApps MOBILE_MALWARE Android BankBot Checkin 9 (mobile_malware.rules) 2826678 - ProApps MOBILE_MALWARE Android BankBot Checkin 10 (mobile_malware.rules) 2826679 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 143 (mobile_malware.rules) 2826680 - ProApps TROJAN MSIL/Stimilik.CO Stealer CnC Activity (trojan.rules) 2826681 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.snt CnC Beacon (mobile_malware.rules) 2826682 - ProApps TROJAN Bunitu DNS Lookup (trojan.rules) 2826683 - ProApps TROJAN Win32/Patpoopy CnC Beacon (trojan.rules) [+++] Modify rules: 166 [+++] 2018044 - ProApps CURRENT_EVENTS Successful Visa Phish (current_events.rules) 2018304 - ProApps CURRENT_EVENTS Successful iTunes Phish (current_events.rules) 2019781 - ProApps CURRENT_EVENTS Successful AOL/PayPal Phish (current_events.rules) 2020803 - ProApps CURRENT_EVENTS Successful GoogleFile Phish (current_events.rules) 2024322 - ProApps TROJAN Win32/ASPC Bot CnC Checkin M1 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 6767 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 6967 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 7070 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 7173 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 7663 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 7665 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2821772 - ProApps CURRENT_EVENTS Successful Blockchain Account Phish Aug 19 2016 (current_events.rules) 2826370 - ProApps TROJAN Win32/TrojanDownloader.VB.RBO CnC Beacon (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Jun 7 16:36:41 2017 [***] [+++] Added rules: 30 [+++] 2024353 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M1 B641 (current_events.rules) 2024354 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M1 B642 (current_events.rules) 2024355 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M1 B643 (current_events.rules) 2024356 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M2 B641 (current_events.rules) 2024357 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M2 B642 (current_events.rules) 2024358 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M2 B643 (current_events.rules) 2024359 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M3 B641 (current_events.rules) 2024360 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M3 B642 (current_events.rules) 2024361 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M3 B643 (current_events.rules) 2024362 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M4 B641 (current_events.rules) 2024363 - ProApps CURRENT_EVENTS SunDown EK RIP Landing M4 B642 (current_events.rules) 2826640 - ProApps TROJAN HiddenTear Ransomware KKK Variant DNS Lookup (trojan.rules) 2826641 - ProApps TROJAN HiddenTear Ransomware KKK Variant DNS Lookup (trojan.rules) 2826642 - ProApps TROJAN Win32/IRCBot.AVI Checkin (trojan.rules) 2826643 - ProApps TROJAN Win32/IRCBot.AVI Command (Keylog) (trojan.rules) 2826644 - ProApps TROJAN Win32/IRCBot.AVI Command Complete (Flood) (trojan.rules) 2826645 - ProApps TROJAN Win32/IRCBot.AVI Command Complete (Keylog) (trojan.rules) 2826646 - ProApps TROJAN Win32/IRCBot.AVI Command Complete (HTTP DoS) (trojan.rules) 2826647 - ProApps TROJAN Win32/IRCBot.AVI Command Complete (DDoS) (trojan.rules) 2826648 - ProApps TROJAN Win32/IRCBot.AVI Joinning IRC Channel (trojan.rules) 2826649 - ProApps TROJAN MSIL/Unk.RAT CnC Checkin (trojan.rules) 2826650 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 140 (mobile_malware.rules) 2826651 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 141 (mobile_malware.rules) 2826652 - ProApps CURRENT_EVENTS Successful Facebook Phish Jun 07 2017 (current_events.rules) 2826653 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 142 (mobile_malware.rules) 2826654 - ProApps TROJAN APT19 PS Checkin (trojan.rules) 2826655 - ProApps CURRENT_EVENTS Successful Webhostapp Hosted Generic Phish Jun 07 2017 (current_events.rules) 2826656 - ProApps TROJAN Unknown Checkin (trojan.rules) 2826657 - ProApps MOBILE_MALWARE Backdoor.AndroidOS.Dingwe.a Checkin 2 (mobile_malware.rules) 2826658 - ProApps MOBILE_MALWARE Backdoor.AndroidOS.Dingwe.a SMS/Contact Exfil (mobile_malware.rules) [+++] Modify rules: 164 [+++] 2013372 - ProApps TROJAN Win32/Oliga Fake User Agent (trojan.rules) 2024224 - ProApps WEB_CLIENT Office Requesting .HTA File Likely CVE-2017-0199 Request (web_client.rules) 2024349 - ProApps CURRENT_EVENTS SUSPICIOUS DNS Request for Grey Advertising Often Leading to EK (current_events.rules) 2024350 - ProApps CURRENT_EVENTS SUSPICIOUS Request for Grey Advertising Often Leading to EK (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2820175 - ProApps TROJAN Possible Betabot Module Download (trojan.rules) [+++] Removed rules: 1 [+++] 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Tue Jun 6 16:39:26 2017 [***] [+++] Added rules: 13 [+++] 2024351 - ProApps TROJAN Executioner Ransomware Reporting Infection via SMTP (trojan.rules) 2024352 - ProApps TROJAN MSIL/Unk.HT-Based Ransomware CnC Checkin (trojan.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2826632 - ProApps MOBILE_MALWARE Android/G5P.BH CnC Beacon (mobile_malware.rules) 2826633 - ProApps CURRENT_EVENTS Possible ETERNALROCKS .Net Module Download (current_events.rules) 2826634 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 3 (mobile_malware.rules) 2826635 - ProApps MALWARE PUP.UnityWebPlugin Checkin (malware.rules) 2826636 - ProApps CURRENT_EVENTS SocEng Leading to Download June 6 2017 (current_events.rules) 2826637 - ProApps TROJAN Squiblydoo Scriptlet Download (trojan.rules) 2826638 - ProApps MALWARE Win32/TrojanDownloader.Banload Post Request (malware.rules) 2826639 - ProApps TROJAN Malicious SSL certificate detected (PupyRat) (trojan.rules) [+++] Modify rules: 168 [+++] 2000347 - ProApps TROJAN IRC Private message on non-standard port (trojan.rules) 2012981 - ProApps TROJAN Possible FakeAV Binary Download (Security) (trojan.rules) 2024224 - ProApps WEB_CLIENT Office Requesting .HTA File Likely CVE-2017-0199 Request (web_client.rules) 2024349 - ProApps CURRENT_EVENTS SUSPICIOUS DNS Request for Grey Advertising Often Leading to EK (current_events.rules) 2024350 - ProApps CURRENT_EVENTS SUSPICIOUS Request for Grey Advertising Often Leading to EK (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2819903 - ProApps TROJAN App Whitelist Bypass Via Com Scriptlet Inbound (trojan.rules) 2820175 - ProApps TROJAN Possible Betabot Module Download (trojan.rules) 2821014 - ProApps WEB_CLIENT suspicious .CAB containing single executable file (observed in maldoc campaign) (web_client.rules) 2825239 - ProApps TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules) 2826441 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 4 (mobile_malware.rules) 2826589 - ProApps TROJAN Win32/Neshta.A Download Request (trojan.rules) [+++] Removed rules: 1 [+++] 2803698 - ProApps TROJAN Backdoor.Win32.Protux.B Checkin 2 (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Jun 5 16:54:14 2017 [***] [+++] Added rules: 25 [+++] 2024348 - ProApps TROJAN Win32/Fireball Activity (trojan.rules) 2024349 - ProApps CURRENT_EVENTS Observed DNS Query for RoughTed Malvertising Domain (current_events.rules) 2024350 - ProApps CURRENT_EVENTS RoughTed Malvertising Request (current_events.rules) 2826589 - ProApps TROJAN Win32/Neshta.A Download Request (trojan.rules) 2826611 - ProApps CURRENT_EVENTS Blockchain Phishing Landing Jun 02 2017 (current_events.rules) 2826612 - ProApps CURRENT_EVENTS Successful Blockchain Phish Jun 02 2017 (current_events.rules) 2826613 - ProApps TROJAN ColorFish Requesting Main Payload (trojan.rules) 2826614 - ProApps TROJAN ColorFish CnC Checkin (trojan.rules) 2826615 - ProApps TROJAN ColorFish Requesting Additional Modules (trojan.rules) 2826616 - ProApps TROJAN ColorFish CnC Beacon (trojan.rules) 2826617 - ProApps CURRENT_EVENTS Successful iCloud Phish Jun 04 2017 (current_events.rules) 2826618 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 138 (mobile_malware.rules) 2826619 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 139 (mobile_malware.rules) 2826620 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Rymner.f CnC Beacon (mobile_malware.rules) 2826621 - ProApps CURRENT_EVENTS Free Airfare Phish Landing Response June 05 2017 (current_events.rules) 2826622 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M1 Jun 05 2017 (current_events.rules) 2826623 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M2 Jun 05 2017 (current_events.rules) 2826624 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon (mobile_malware.rules) 2826625 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 2 (mobile_malware.rules) 2826626 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh CnC Beacon 3 (mobile_malware.rules) 2826627 - ProApps CURRENT_EVENTS Evil Redirector Leading to RigEK Jun 05 2017 (current_events.rules) 2826628 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Tupgad.a CnC Beacon (mobile_malware.rules) 2826629 - ProApps TROJAN Unk.Miner Checkin (trojan.rules) 2826630 - ProApps CURRENT_EVENTS Possible SocEng IE/Edge ArialFont DL Jun 05 M1 (current_events.rules) 2826631 - ProApps TROJAN Malicious JS SSL Certificate Detected (trojan.rules) [+++] Modify rules: 197 [+++] 2019378 - ProApps TROJAN Gozi Checkin (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 110 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2805133 - ProApps TROJAN Win32/Zegost.Z CnC Traffic (trojan.rules) 2807357 - ProApps MOBILE_MALWARE Android/TrojanSMS.Agent.SD Checkin (mobile_malware.rules) 2809527 - ProApps TROJAN Infostealer.Gamania Checkin (trojan.rules) 2819903 - ProApps TROJAN App Whitelist Bypass Via Com Scriptlet Inbound (trojan.rules) 2826508 - ProApps MALWARE Win32.EoRezo.AB Checkin (malware.rules) [+++] Removed rules: 3 [+++] 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826589 - ProApps MALWARE MSIL/TrojanDropper.Agent Download Request (malware.rules) [***] ProApps Security IDS Rules Changelog started Fri Jun 2 16:39:05 2017 [***] [+++] Added rules: 24 [+++] 2024343 - ProApps CURRENT_EVENTS Terror EK Landing URI T1 Jun 02 2017 (current_events.rules) 2024344 - ProApps CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017 (current_events.rules) 2024345 - ProApps CURRENT_EVENTS Terror EK Payload URI T1 Jun 02 2017 M2 (current_events.rules) 2024346 - ProApps CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M1 (current_events.rules) 2024347 - ProApps CURRENT_EVENTS Terror EK Landing T1 Jun 02 2017 M2 (current_events.rules) 2826508 - ProApps MALWARE Win32.EoRezo.AB Checkin (malware.rules) 2826593 - ProApps TROJAN Possible Chthonic DNS Lookup (trojan.rules) 2826594 - ProApps TROJAN Unknown Keylogger Checkin (trojan.rules) 2826595 - ProApps TROJAN JS_NETREPSER.A Checkin (trojan.rules) 2826596 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 137 (mobile_malware.rules) 2826597 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.cs CnC Beacon (mobile_malware.rules) 2826598 - ProApps TROJAN ROKRAT Checkin (trojan.rules) 2826599 - ProApps TROJAN ROKRAT Checkin 2 (trojan.rules) 2826600 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar SMS Exfil via SMTP 2 (mobile_malware.rules) 2826601 - ProApps CURRENT_EVENTS Successful American Express Phish Jun 02 2017 (current_events.rules) 2826602 - ProApps CURRENT_EVENTS Successful Poloniex Cryptocurrency Exchange Phish Jun 02 2017 (current_events.rules) 2826603 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lg Reporting via SMTP (mobile_malware.rules) 2826604 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.lg Reporting via SMTP 2 (mobile_malware.rules) 2826605 - ProApps CURRENT_EVENTS Successful Caixa Phish Jun 02 2017 (current_events.rules) 2826606 - ProApps CURRENT_EVENTS Successful Banque Populaire Phish Jun 02 2017 (current_events.rules) 2826607 - ProApps CURRENT_EVENTS Successful Western Union Phish M1 Jun 02 2017 (current_events.rules) 2826608 - ProApps CURRENT_EVENTS Successful Western Union Phish M2 Jun 02 2017 (current_events.rules) 2826609 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP 2 (mobile_malware.rules) 2826610 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP 3 (mobile_malware.rules) [+++] Modify rules: 162 [+++] 2017584 - ProApps TROJAN Chthonic Checkin (trojan.rules) 2024342 - ProApps WEB_SPECIFIC_APPS Joomla 3.7.0 - Sql Injection (CVE-2017-8917) (web_specific_apps.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826233 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2826508 - ProApps TROJAN Win32.EoRezo.AB Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Thu Jun 1 16:02:26 2017 [***] [+++] Added rules: 36 [+++] 2024342 - ProApps WEB_SPECIFIC_APPS Joomla 3.7.0 - Sql Injection (CVE-2017-8917) (web_specific_apps.rules) 2826558 - ProApps CURRENT_EVENTS Obfuscated Phishing Landing - Observed in Office 365 Phish May 31 2017 (current_events.rules) 2826559 - ProApps CURRENT_EVENTS Outlook 365 Phishing Landing Request May 31 2017 (current_events.rules) 2826560 - ProApps CURRENT_EVENTS Successful Santander Phish May 31 2017 (current_events.rules) 2826561 - ProApps CURRENT_EVENTS Successful Orange.fr Phish May 31 2017 (current_events.rules) 2826562 - ProApps TROJAN Hidden-Tear Ransomware Variant CnC Checkin (trojan.rules) 2826563 - ProApps CURRENT_EVENTS Successful Chase Phish M1 May 31 2017 (current_events.rules) 2826564 - ProApps CURRENT_EVENTS Successful Chase Phish M2 May 31 2017 (current_events.rules) 2826565 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) May 31 2017 (current_events.rules) 2826566 - ProApps CURRENT_EVENTS Successful Office 365 Phish May 31 2017 (current_events.rules) 2826567 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 134 (mobile_malware.rules) 2826568 - ProApps MOBILE_MALWARE Android.Adware.Vsaas.A Checkin (mobile_malware.rules) 2826569 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 135 (mobile_malware.rules) 2826570 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 136 (mobile_malware.rules) 2826571 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb CnC Beacon (mobile_malware.rules) 2826572 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey SMS Exfil via SMTP 2 (mobile_malware.rules) 2826573 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey Contact Exfil via SMTP 2 (mobile_malware.rules) 2826574 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ju Contact/SMS Exfil via SMTP (mobile_malware.rules) 2826575 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ju Contact/SMS Exfil via SMTP 2 (mobile_malware.rules) 2826576 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ju Contact/SMS Exfil via SMTP 3 (mobile_malware.rules) 2826577 - ProApps TROJAN DNS Query to Cerber Domain (1fgywm . top) (trojan.rules) 2826578 - ProApps TROJAN DNS Query to Cerber Domain (1kraqn . top) (trojan.rules) 2826579 - ProApps TROJAN DNS Query to Cerber Domain (fgfid6 . win) (trojan.rules) 2826580 - ProApps TROJAN DNS Query to Cerber Domain (1dq6nd . top) (trojan.rules) 2826581 - ProApps TROJAN DNS Query to Cerber Domain (13qgdd . top) (trojan.rules) 2826582 - ProApps TROJAN DNS Query to Cerber Domain (1bu9xu . top) (trojan.rules) 2826583 - ProApps TROJAN DNS Query to Cerber Domain (to6maq . win) (trojan.rules) 2826584 - ProApps TROJAN DNS Query to Cerber Domain (1lfyy4 . top) (trojan.rules) 2826585 - ProApps TROJAN DNS Query to Cerber Domain (metpast . site) (trojan.rules) 2826586 - ProApps TROJAN DNS Query to Cerber Domain (lfotp5 . win) (trojan.rules) 2826587 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 7 (mobile_malware.rules) 2826588 - ProApps CURRENT_EVENTS Possible Ransom Payment Page Request (local .hta Referer) (current_events.rules) 2826589 - ProApps MALWARE MSIL/TrojanDropper.Agent Download Request (malware.rules) 2826590 - ProApps TROJAN Malicious JS Downloader Domain in SNI (trojan.rules) 2826591 - ProApps TROJAN APT.Debbocs CnC Beacon (trojan.rules) 2826592 - ProApps TROJAN Carbanak VBS/GGLDR v3 CnC Beacon (trojan.rules) [+++] Modify rules: 168 [+++] 2017584 - ProApps TROJAN Chthonic Checkin (trojan.rules) 2018543 - ProApps CURRENT_EVENTS Neverquest/Vawtrak Posting Data (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2810016 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.fb Checkin 4 (mobile_malware.rules) 2822329 - ProApps TROJAN MSIL/Eskimo.A Steam PWS CnC Activity (trojan.rules) 2822890 - ProApps TROJAN W32.Cerber Ransomware README.hta HTTP Referer (trojan.rules) 2823311 - ProApps CURRENT_EVENTS Successful Linkedin Phish Nov 16 2016 (current_events.rules) 2823722 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw Checkin via SMTP (mobile_malware.rules) 2826546 - ProApps INFO Observed DNS Query for DDNS domain (camerakeeper .tv) (info.rules) 2826555 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Reporting via SMTP (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2826548 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed May 31 16:52:56 2017 [***] [+++] Added rules: 18 [+++] 2024338 - ProApps TROJAN Jaff Ransomware Checkin (trojan.rules) 2024339 - ProApps TROJAN DNS Query to Jaff Domain (orhangazitur . com) (trojan.rules) 2024340 - ProApps TROJAN Jaff Ransomware Checkin (trojan.rules) 2024341 - ProApps TROJAN DNS Query to Jaff Domain (comboratiogferrdto . com) (trojan.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826546 - ProApps INFO Observed DNS Query for DDNS domain (camerakeeper .tv) (info.rules) 2826547 - ProApps TROJAN Observed Malicious Domain SSL Cert in SNI (MSIL/ExtenBro.CL) (trojan.rules) 2826548 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) 2826549 - ProApps TROJAN MSIL/njRAT/Bladabindi Variant (Microsoft_key_update) CnC Checkin (trojan.rules) 2826550 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic Contact Exfil via SMTP 2 (mobile_malware.rules) 2826551 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 May 31 2017 (current_events.rules) 2826552 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar Reporting via SMTP 2 (mobile_malware.rules) 2826553 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 May 31 2017 (current_events.rules) 2826554 - ProApps CURRENT_EVENTS Successful Bank of America Phish M3 May 31 2017 (current_events.rules) 2826555 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Reporting via SMTP (mobile_malware.rules) 2826556 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.eg Contact Exfil via SMTP 2 (mobile_malware.rules) 2826557 - ProApps CURRENT_EVENTS Dropbox Phishing Landing May 31 2017 (current_events.rules) [+++] Modify rules: 160 [+++] 2018543 - ProApps CURRENT_EVENTS Neverquest/Vawtrak Posting Data (current_events.rules) 2022840 - ProApps TROJAN Possible CryptXXX Ransomware Renaming Encrypted File SMB v2 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2826233 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue May 30 17:56:08 2017 [***] [+++] Added rules: 6 [+++] 2024337 - ProApps EXPLOIT Possible $MFT NTFS Device Access in HTTP Response (exploit.rules) 2826541 - ProApps CURRENT_EVENTS Possible Phishing Landing - Common Multiple JS Unescape May 25 2017 (current_events.rules) 2826542 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.hs Contact Exfil via SMTP (mobile_malware.rules) 2826543 - ProApps MOBILE_MALWARE Unknown Android Trojan Checkin (mobile_malware.rules) 2826544 - ProApps TROJAN Cyst Downloader Fake 404 (trojan.rules) 2826545 - ProApps MOBILE_MALWARE Unknown Android Trojan CnC Beacon (mobile_malware.rules) [+++] Modify rules: 193 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2824477 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.a Checkin via SMTP (mobile_malware.rules) 2826511 - ProApps MOBILE_MALWARE Unknown Android Loader CnC Beacon (mobile_malware.rules) [+++] Removed rules: 3 [+++] 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Fri May 26 17:00:47 2017 [***] [+++] Added rules: 6 [+++] 2826535 - ProApps TROJAN Core Bot C2 SSL Certificate Detected (trojan.rules) 2826536 - ProApps TROJAN Core Bot C2 SSL Certificate Detected (trojan.rules) 2826537 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 133 (mobile_malware.rules) 2826538 - ProApps TROJAN Core Bot IP Check (trojan.rules) 2826539 - ProApps TROJAN Core Bot Injects SSL Certificate Detected (trojan.rules) 2826540 - ProApps TROJAN Core Bot Injects SSL Certificate Detected (trojan.rules) [+++] Modify rules: 164 [+++] 2024330 - ProApps TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2024331 - ProApps TROJAN APT32 Komprogo DNS Lookup (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1080 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4949 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5656 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 5900 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6532 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 21333 Group 1 (botcc.portgrouped.rules) 2405057 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405058 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2825179 - ProApps TROJAN Carbanak PowerShell DNS TXT CnC Beacon 2 (trojan.rules) 2826511 - ProApps MOBILE_MALWARE Unknown Android Loader CnC Beacon (mobile_malware.rules) [+++] Removed rules: 0 [+++] Read more » | |
|
May 15 |
ProApps Security IDS Rules Changelog 2017-05-15
Postado por Rafael Honorato on 15/May 17:19
|
[***] Summary 2017-05-15 [***] Total added rules: 745 Total modified rules: 2899 Total removed rules: 142 [***] ProApps Security IDS Rules Changelog started Sat May 13 15:55:54 2017 [***] [+++] Added rules: 1 [+++] 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [+++] Modify rules: 154 [+++] 2024217 - ProApps EXPLOIT Possible ETERNALBLUE MS17-010 Heap Spray (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri May 12 17:11:50 2017 [***] [+++] Added rules: 2 [+++] 2826373 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish May 12 2017 (current_events.rules) 2826374 - ProApps CURRENT_EVENTS Successful Georgia Tech Phish May 12 2017 (current_events.rules) [+++] Modify rules: 0 [+++] [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri May 12 14:49:42 2017 [***] [+++] Added rules: 5 [+++] 2024291 - ProApps TROJAN Possible WannaCry DNS Lookup (trojan.rules) 2024292 - ProApps INFO Bitcoin QR Code Generated via Btcfrog.com (info.rules) 2826370 - ProApps TROJAN Win32/TrojanDownloader.VB.RBO CnC Beacon (trojan.rules) 2826371 - ProApps CURRENT_EVENTS Successful National Australia Bank Phish May 12 2017 (current_events.rules) 2826372 - ProApps CURRENT_EVENTS Successful Suntrust Bank Phish May 12 2017 (current_events.rules) [+++] Modify rules: 202 [+++] 2001569 - ProApps SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection (scan.rules) 2001579 - ProApps SCAN Behavioral Unusual Port 139 traffic Potential Scan or Infection (scan.rules) 2001580 - ProApps SCAN Behavioral Unusual Port 137 traffic Potential Scan or Infection (scan.rules) 2001581 - ProApps SCAN Behavioral Unusual Port 135 traffic Potential Scan or Infection (scan.rules) 2001582 - ProApps SCAN Behavioral Unusual Port 1434 traffic Potential Scan or Infection (scan.rules) 2001583 - ProApps SCAN Behavioral Unusual Port 1433 traffic Potential Scan or Infection (scan.rules) 2001972 - ProApps SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Inbound) (scan.rules) 2003380 - ProApps TROJAN Suspicious User-Agent - Possible Trojan Downloader (ver18/ver19 etc) (trojan.rules) 2008017 - ProApps TROJAN Philis.J ICMP Sweep (Payload Hello World) (trojan.rules) 2008150 - ProApps MALWARE Avsystemcare.com Fake AV User-Agent (LocusSoftware NetInstaller) (malware.rules) 2008738 - ProApps TROJAN Suspicious Accept-Language HTTP Header zh-cn likely Kernelbot/Conficker Trojan Related (trojan.rules) 2009714 - ProApps WEB_SERVER Script tag in URI Possible Cross Site Scripting Attempt (web_server.rules) 2010087 - ProApps SCAN Suspicious User-Agent Containing SQL Inject/ion Likely SQL Injection Scanner (scan.rules) 2010088 - ProApps SCAN Suspicious User-Agent Containing Web Scan/er Likely Web Scanner (scan.rules) 2010089 - ProApps SCAN Suspicious User-Agent Containing Security Scan/ner Likely Scan (scan.rules) 2010284 - ProApps WEB_SERVER SELECT INSTR in URI Possible ORACLE Related Blind SQL Injection Attempt (web_server.rules) 2010285 - ProApps WEB_SERVER SELECT SUBSTR/ING in URI Possible Blind SQL Injection Attempt (web_server.rules) 2010494 - ProApps SCAN Multiple MySQL Login Failures Possible Brute Force Attempt (scan.rules) 2010625 - ProApps TROJAN FakeAV Landing Page (aid sid) (trojan.rules) 2010641 - ProApps SCAN ICMP @hello request Likely Precursor to Scan (scan.rules) 2010681 - ProApps SCAN ICMP Delphi Likely Precursor to Scan (scan.rules) 2010719 - ProApps WEB_SPECIFIC_APPS e107 CMS backdoor access admin-access cookie and HTTP POST (web_specific_apps.rules) 2011243 - ProApps WEB_SERVER Bot Search RFI Scan (ByroeNet/Casper-Like planetwork) (web_server.rules) 2011285 - ProApps WEB_SERVER Bot Search RFI Scan (Casper-Like Jcomers Bot scan) (web_server.rules) 2011457 - ProApps WEB_CLIENT DLL or EXE File From Possible WebDAV Share Possible DLL Preloading Exploit Attempt (web_client.rules) 2011499 - ProApps WEB_CLIENT PDF With Embedded Adobe Shockwave Flash Possibly Related to Remote Code Execution Attempt (web_client.rules) 2011505 - ProApps WEB_CLIENT PDF With Embedded Flash Possible Remote Code Execution Attempt (web_client.rules) 2013479 - ProApps SCAN Behavioral Unusually fast Terminal Server Traffic Potential Scan or Infection (Outbound) (scan.rules) 2017528 - ProApps WEB_SERVER UA WordPress probable DDOS-Attack (web_server.rules) 2018247 - ProApps TROJAN Snake rootkit usermode-centric client request (trojan.rules) 2018248 - ProApps TROJAN Snake rootkit usermode-centric encrypted command from server (trojan.rules) 2018872 - ProApps TROJAN Tor based locker .onion Proxy domain in SNI July 31 2014 (trojan.rules) 2018874 - ProApps TROJAN Tor based locker .onion Proxy DNS lookup July 31 2014 (trojan.rules) 2018877 - ProApps TROJAN Tor based locker knowledgewiki.info in SNI July 31 2014 (trojan.rules) 2018892 - ProApps TROJAN Zbot .onion Proxy domain in SNI Aug 04 2014 (trojan.rules) 2018893 - ProApps TROJAN Zbot .onion Proxy DNS lookup July 31 2014 (trojan.rules) 2019606 - ProApps TROJAN Poweliks Abnormal HTTP Headers high likelihood of Poweliks infection (trojan.rules) 2021630 - ProApps TROJAN MS Terminal Server Single Character Login possible Morto inbound (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2808735 - ProApps TROJAN Backdoor.Backtor DNS lookup Sep 03 2014 (trojan.rules) 2809169 - ProApps TROJAN PE downloaded with malicious APT OPH certificate (CallTogether Inc.) (trojan.rules) 2815959 - ProApps TROJAN APT Related DNS Lookup (PlugX Gh0st Bergard) (trojan.rules) 2816780 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816781 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816782 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816783 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816784 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2816785 - ProApps TROJAN Likely CN-APT (Gh0st PlugX or other implant) DNS Lookup (trojan.rules) 2821738 - ProApps TROJAN Babylon RAT C2 Server Response (trojan.rules) 2822485 - ProApps TROJAN Automated Tor EXE Download Possibly Raum Trojan (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu May 11 17:09:21 2017 [***] [+++] Added rules: 10 [+++] 2024288 - ProApps TROJAN Jaff Ransomware Checkin (trojan.rules) 2024289 - ProApps TROJAN DNS Query to Jaff Domain (fkksjobnn43 . org) (trojan.rules) 2024290 - ProApps TROJAN Jaff Ransomware Checkin M1 (trojan.rules) 2826363 - ProApps TROJAN MSIL/FrozrLock Ransomware CnC Checkin (trojan.rules) 2826364 - ProApps TROJAN Babylon RAT C2 Client Request M2 (trojan.rules) 2826365 - ProApps TROJAN Babylon RAT C2 Server Response M2 (trojan.rules) 2826366 - ProApps TROJAN Win32/Slingup.A Checkin (trojan.rules) 2826367 - ProApps TROJAN Win32/Slingup.A Module Download Request (trojan.rules) 2826368 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.JZ SMS/Contact Exfil (mobile_malware.rules) 2826369 - ProApps SCAN IPMI Get Authentication Request (null seq number - null sessionID) (scan.rules) [+++] Modify rules: 154 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2821738 - ProApps TROJAN Babylon RAT C2 Server Response (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed May 10 17:01:05 2017 [***] [+++] Added rules: 21 [+++] 2024287 - ProApps EXPLOIT Intel AMT Login Attempt Detected (CVE 2017-5689) (exploit.rules) 2826343 - ProApps TROJAN XSLT/XML Raw Binary Executable Inbound (trojan.rules) 2826344 - ProApps TROJAN Loda Logger Executing Previously Downloaded File (trojan.rules) 2826345 - ProApps TROJAN Loda Logger Downloading Password Stealer (trojan.rules) 2826346 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 2) (trojan.rules) 2826347 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 3) (trojan.rules) 2826348 - ProApps TROJAN NetWireRAT Keep-Alive (set) (trojan.rules) 2826349 - ProApps TROJAN NetWireRAT Keep-Alive (trojan.rules) 2826350 - ProApps CURRENT_EVENTS Bingo Exploit Kit Landing May 08 2017 (current_events.rules) 2826351 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-05-09 1) (trojan.rules) 2826352 - ProApps TROJAN Win32/Serpent Ransomware Debug Checkin (trojan.rules) 2826353 - ProApps CURRENT_EVENTS Successful Paypal Phish May 10 2017 (current_events.rules) 2826354 - ProApps TROJAN Loda Logger Read File Contents Request (trojan.rules) 2826355 - ProApps TROJAN Loda Logger List Pictures in UserProfile Request (trojan.rules) 2826356 - ProApps MOBILE_MALWARE Android BankBot Checkin 5 (mobile_malware.rules) 2826357 - ProApps TROJAN Loda Logger List Files Request (set) (trojan.rules) 2826358 - ProApps TROJAN Loda Logger List Files Request (trojan.rules) 2826359 - ProApps TROJAN Win32/Zegost.Ddos Checkin (trojan.rules) 2826360 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 101 (mobile_malware.rules) 2826361 - ProApps TROJAN AZORult Variant.2 Checkin m3 (trojan.rules) 2826362 - ProApps MOBILE_MALWARE Android BankBot Checkin 6 (mobile_malware.rules) [+++] Modify rules: 164 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2822117 - ProApps TROJAN Loda Logger CnC Beacon Response (trojan.rules) 2826166 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 7) (trojan.rules) 2826206 - ProApps TROJAN AZORult Variant.2 Checkin (trojan.rules) 2826232 - ProApps TROJAN AZORult Variant.2 Checkin m2 (trojan.rules) 2826317 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 98 (mobile_malware.rules) 2826318 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 99 (mobile_malware.rules) 2826319 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 100 (mobile_malware.rules) 2826320 - ProApps MOBILE_MALWARE Android BankBot Checkin 2 (mobile_malware.rules) 2826321 - ProApps MOBILE_MALWARE Android BankBot Checkin 3 (mobile_malware.rules) 2826323 - ProApps MOBILE_MALWARE Android BankBot Checkin 4 (mobile_malware.rules) 2826326 - ProApps MOBILE_MALWARE Android BankBot CnC Beacon (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2024282 - ProApps EXPLOIT Intel AMT Login Attempt Detected (CVE 2017-5689) (exploit.rules) [***] ProApps Security IDS Rules Changelog started Tue May 9 17:12:59 2017 [***] [+++] Added rules: 50 [+++] 2024283 - ProApps INFO Miniproxy Cloned Page - Possible Phishing Landing (info.rules) 2024284 - ProApps TROJAN OSX/Proton.B DNS Lookup (trojan.rules) 2024285 - ProApps TROJAN OSX/Proton.B Domain in SNI (trojan.rules) 2024286 - ProApps TROJAN Turla SHIRIME DNS Lookup (trojan.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826298 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ic SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826299 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.ar Reporting via SMTP (mobile_malware.rules) 2826300 - ProApps CURRENT_EVENTS Successful Alibaba Phish May 08 2017 (current_events.rules) 2826301 - ProApps CURRENT_EVENTS Docusign Phishing Landing May 08 2017 (current_events.rules) 2826302 - ProApps CURRENT_EVENTS Successful Apple iCloud Phish May 08 2017 (current_events.rules) 2826303 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 84 (mobile_malware.rules) 2826304 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 85 (mobile_malware.rules) 2826305 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 86 (mobile_malware.rules) 2826306 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 87 (mobile_malware.rules) 2826307 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 88 (mobile_malware.rules) 2826308 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 89 (mobile_malware.rules) 2826309 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 90 (mobile_malware.rules) 2826310 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 91 (mobile_malware.rules) 2826311 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 92 (mobile_malware.rules) 2826312 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 93 (mobile_malware.rules) 2826313 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 94 (mobile_malware.rules) 2826314 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 95 (mobile_malware.rules) 2826315 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 96 (mobile_malware.rules) 2826316 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 97 (mobile_malware.rules) 2826317 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 99 (mobile_malware.rules) 2826318 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 100 (mobile_malware.rules) 2826319 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 101 (mobile_malware.rules) 2826320 - ProApps MOBILE_MALWARE Android BankBot Checkin 2 (mobile_malware.rules) 2826321 - ProApps MOBILE_MALWARE Android BankBot Checkin 3 (mobile_malware.rules) 2826322 - ProApps CURRENT_EVENTS Successful Paypal Phish May 09 2017 (current_events.rules) 2826323 - ProApps MOBILE_MALWARE Android BankBot Checkin 4 (mobile_malware.rules) 2826324 - ProApps CURRENT_EVENTS Successful Personalized Secure Cloud File Phish May 09 2017 (current_events.rules) 2826325 - ProApps CURRENT_EVENTS Secure Cloud File Phishing Landing May 09 2017 (current_events.rules) 2826326 - ProApps MOBILE_MALWARE Android BankBot CnC Beacon (mobile_malware.rules) 2826327 - ProApps TROJAN W32/Emotet Empty CnC Beacon (trojan.rules) 2826328 - ProApps EXPLOIT Microsoft Malware Protection Engine Remote Code Execution Vulnerability (CVE-2017-0290) (exploit.rules) 2826329 - ProApps DOS MS DNS CHAOS Denial of Service (CVE-2017-0171) (dos.rules) 2826330 - ProApps WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0221) (web_client.rules) 2826331 - ProApps WEB_CLIENT Possible Edge Type Confusion Exploit (CVE-2017-0227) (web_client.rules) 2826332 - ProApps WEB_CLIENT Possible Edge Chakra UAF Exploit (CVE-2017-0228) (web_client.rules) 2826333 - ProApps WEB_CLIENT Scripting Engine Memory Corruption Vulnerability (CVE-2017-0234) (web_client.rules) 2826334 - ProApps WEB_CLIENT Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-0236) (web_client.rules) 2826335 - ProApps WEB_CLIENT Possible Edge Type Confusion Exploit (CVE-2017-0238) (web_client.rules) 2826336 - ProApps WEB_CLIENT Possible Edge UAF Exploit (CVE-2017-0240) (web_client.rules) 2826337 - ProApps EXPLOIT Windows Kernel Information Disclosure Vulnerability (CVE-2017-0259) (exploit.rules) 2826338 - ProApps EXPLOIT Win32k Elevation of Privilege Vulnerability (CVE-2017-0263) (exploit.rules) 2826339 - ProApps WEB_CLIENT Microsoft Edge Chakra Core Type Confusion Vuln (CVE-2017-0266) (web_client.rules) 2826340 - ProApps EXPLOIT Possible Adobe Flash BlendMode Vuln (CVE-2017-3069) (exploit.rules) 2826341 - ProApps EXPLOIT Possible Adobe Flash BlendMode Vuln (CVE-2017-3070) (exploit.rules) 2826342 - ProApps TROJAN MSIL/Agent.AUK CnC Checkin (trojan.rules) [+++] Modify rules: 176 [+++] 2001622 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 1 (activex.rules) 2001623 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 2 (activex.rules) 2001624 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 3 (activex.rules) 2008476 - ProApps EXPLOIT Foofus.net Password dumping dll injection (exploit.rules) 2008830 - ProApps WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery cat_id parameter SQL Injection (web_specific_apps.rules) 2008831 - ProApps WEB_SPECIFIC_APPS DevelopItEasy Photo Gallery photo_id parameter SQL Injection (web_specific_apps.rules) 2009229 - ProApps WEB_SPECIFIC_APPS TECHNOTE shop_this_skin_path Parameter Remote File Inclusion (web_specific_apps.rules) 2009230 - ProApps WEB_SPECIFIC_APPS TECHNOTE shop_this_skin_path Parameter Local File Inclusion (web_specific_apps.rules) 2012219 - ProApps WEB_SPECIFIC_APPS BetMore Site Suite mainx_a.php bid Parameter Blind SQL Injection Attempt (web_specific_apps.rules) 2012730 - ProApps TROJAN Known Hostile Domain ilo.brenz .pl Lookup (trojan.rules) 2013117 - ProApps WEB_SPECIFIC_APPS Apache Tomcat Sort Parameter Cross Site Scripting Attempt (web_specific_apps.rules) 2013118 - ProApps WEB_SPECIFIC_APPS Apache Tomcat Orderby Parameter Cross Site Scripting Attempt (web_specific_apps.rules) 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2015559 - ProApps CURRENT_EVENTS Cridex Self Signed SSL Certificate (TR Some-State Internet Widgits) (current_events.rules) 2020605 - ProApps CURRENT_EVENTS WindowBase64.atob Function In Edwards Packed JavaScript - Possible iFrame Injection Detected (current_events.rules) 2022859 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Jun 03 2016 (current_events.rules) 2024282 - ProApps EXPLOIT Intel AMT Login Attempt Detected (CVE 2017-5689) (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3333 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2808207 - ProApps CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 18 2014 1 (current_events.rules) 2808208 - ProApps CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 18 2014 2 (current_events.rules) 2808212 - ProApps CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 19 2014 1 (current_events.rules) 2808213 - ProApps CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 19 2014 2 (current_events.rules) 2816583 - ProApps CURRENT_EVENTS Successful Apple Phish Mar 8 (current_events.rules) 2823549 - ProApps CURRENT_EVENTS Successful Adobe PDF Online Phish Nov 30 2016 (current_events.rules) 2824604 - ProApps MOBILE_MALWARE Anubis Android Loader / BankBot Checkin (mobile_malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon May 8 16:12:31 2017 [***] [+++] Added rules: 20 [+++] 2024280 - ProApps TROJAN MSIL/NewHT Ransomware CnC Checkin (trojan.rules) 2024281 - ProApps TROJAN Known Hostile Domain ant.trenz .pl Lookup (trojan.rules) 2024282 - ProApps EXPLOIT Intel AMT Login Attempt Detected (CVE 2017-5689) (exploit.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826282 - ProApps TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826283 - ProApps TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826284 - ProApps TROJAN IsmDoor DNS C2 Initial Data Sent (trojan.rules) 2826285 - ProApps TROJAN IsmDoor DNS C2 Checkin Stage 3 (trojan.rules) 2826286 - ProApps TROJAN IsmDoor DNS C2 Checkin Stage 4 (trojan.rules) 2826287 - ProApps TROJAN IsmDoor DNS C2 Checkin Stage 5 (trojan.rules) 2826288 - ProApps TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826289 - ProApps TROJAN IsmDoor DNS C2 Domain Name (trojan.rules) 2826290 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 4 (mobile_malware.rules) 2826291 - ProApps CURRENT_EVENTS Successful Dropbox Phish May 08 2017 (current_events.rules) 2826292 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac Contact Exfil via SMTP 3 (mobile_malware.rules) 2826293 - ProApps TROJAN Win32/Bondnet Checkin (trojan.rules) 2826294 - ProApps MOBILE_MALWARE Android.Trojan.Lotus.A GPS Location Exfil via SMTP (mobile_malware.rules) 2826295 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826296 - ProApps TROJAN PowerShell/TrojanDownloader.Agent.AP Checkin (trojan.rules) 2826297 - ProApps TROJAN PowerShell/TrojanDownloader.Agent.AP Checkin (trojan.rules) [+++] Modify rules: 192 [+++] 2001622 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 1 (activex.rules) 2001623 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 2 (activex.rules) 2001624 - ProApps ACTIVEX winhlp32 ActiveX control attack - phase 3 (activex.rules) 2012730 - ProApps TROJAN Known Hostile Domain ilo.brenz .pl Lookup (trojan.rules) 2015559 - ProApps CURRENT_EVENTS Cridex Self Signed SSL Certificate (TR Some-State Internet Widgits) (current_events.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2826233 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules) 2826281 - ProApps TROJAN IsmDoor DNS C2 Initial Checkin (trojan.rules) [+++] Removed rules: 2 [+++] 2826235 - ProApps SCAN Possible Intel AMT Login Attempt Detected (scan.rules) 2826250 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 2 (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Fri May 5 16:50:36 2017 [***] [+++] Added rules: 31 [+++] 2024277 - ProApps WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M1 (web_specific_apps.rules) 2024278 - ProApps WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M2 (web_specific_apps.rules) 2024279 - ProApps WEB_SPECIFIC_APPS Wordpress Host Header Injection (CVE-2016-10033) M3 (web_specific_apps.rules) 2826254 - ProApps TROJAN Custom Cobalt Strike Beacon UA (trojan.rules) 2826255 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.pac CnC Beacon (mobile_malware.rules) 2826256 - ProApps TROJAN Unknown Targeted PowerShell Retrieving Payload (trojan.rules) 2826257 - ProApps TROJAN Unknown Targeted PowerShell CnC Beacon (trojan.rules) 2826258 - ProApps TROJAN DNS Query to Sage Domain (xcvkjet . net) (trojan.rules) 2826259 - ProApps TROJAN Likely APT28 XAgent or Uploader DNS Lookup (trojan.rules) 2826260 - ProApps TROJAN DNS Query to Cerber Domain (1khwro . top) (trojan.rules) 2826261 - ProApps TROJAN DNS Query to Cerber Domain (1pbfky . top) (trojan.rules) 2826262 - ProApps TROJAN DNS Query to Cerber Domain (17gvad . top) (trojan.rules) 2826263 - ProApps TROJAN DNS Query to Cerber Domain (19xvyd . top) (trojan.rules) 2826264 - ProApps TROJAN DNS Query to Cerber Domain (15e8hv . top) (trojan.rules) 2826265 - ProApps TROJAN DNS Query to Cerber Domain (1gvyo8 . top) (trojan.rules) 2826266 - ProApps TROJAN DNS Query to Cerber Domain (1jzmjr . top) (trojan.rules) 2826267 - ProApps TROJAN DNS Query to Cerber Domain (13bcem . top) (trojan.rules) 2826268 - ProApps TROJAN DNS Query to Cerber Domain (1fzjn3 . top) (trojan.rules) 2826269 - ProApps TROJAN DNS Query to Cerber Domain (12hxjv . top) (trojan.rules) 2826270 - ProApps TROJAN DNS Query to Cerber Domain (1wmvk2 . top) (trojan.rules) 2826271 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2826272 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2826273 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826274 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826275 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826276 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2826277 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Reporting via SMTP 3 (mobile_malware.rules) 2826278 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Reporting via SMTP 4 (mobile_malware.rules) 2826279 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2826280 - ProApps MOBILE_MALWARE Android/Spy.SmsSpy.EQ SMS Exfil via SMTP (mobile_malware.rules) 2826281 - ProApps TROJAN IsmDoor DNS C2 Initial Checkin (trojan.rules) [+++] Modify rules: 15 [+++] 2003055 - ProApps POLICY Suspicious FTP 220 Banner on Local Port (-) (policy.rules) 2003466 - ProApps WEB_SERVER PHP Attack Tool Morfeus F Scanner (web_server.rules) 2003479 - ProApps POLICY Radmin Remote Control Session Setup Initiate (policy.rules) 2003481 - ProApps POLICY Radmin Remote Control Session Authentication Initiate (policy.rules) 2003482 - ProApps POLICY Radmin Remote Control Session Authentication Response (policy.rules) 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2003869 - ProApps SCAN ProxyReconBot CONNECT method to Mail (scan.rules) 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2008233 - ProApps TROJAN Common Downloader Install Report URL (farfly checkin) (trojan.rules) 2009949 - ProApps WEB_SERVER Tilde in URI - potential .pl source disclosure vulnerability (web_server.rules) 2009950 - ProApps WEB_SERVER Tilde in URI - potential .inc source disclosure vulnerability (web_server.rules) 2009951 - ProApps WEB_SERVER Tilde in URI - potential .conf source disclosure vulnerability (web_server.rules) 2009952 - ProApps WEB_SERVER Tilde in URI - potential .asp source disclosure vulnerability (web_server.rules) 2009953 - ProApps WEB_SERVER Tilde in URI - potential .aspx source disclosure vulnerability (web_server.rules) 2009955 - ProApps WEB_SERVER Tilde in URI - potential .php~ source disclosure vulnerability (web_server.rules) [+++] Removed rules: 3 [+++] 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826212 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 5 (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Thu May 4 16:46:23 2017 [***] [+++] Added rules: 13 [+++] 2024270 - ProApps TROJAN Kazuar CnC Beacon (trojan.rules) 2024271 - ProApps TROJAN Turla Snake OSX DNS Lookup (car-service .effers.com) (trojan.rules) 2024272 - ProApps TROJAN W32.Geodo/Emotet Checkin (trojan.rules) 2024273 - ProApps TROJAN SuperCMD CnC Beacon (trojan.rules) 2024274 - ProApps TROJAN W32/Emotet CnC Beacon 1 (trojan.rules) 2024275 - ProApps TROJAN W32/Emotet CnC Beacon 2 (trojan.rules) 2024276 - ProApps TROJAN MSIL/OzazaLocker Ransomware CnC Checkin (trojan.rules) 2826248 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 2 (mobile_malware.rules) 2826249 - ProApps MOBILE_MALWARE Android ShadowTDS Response (mobile_malware.rules) 2826250 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 2 (mobile_malware.rules) 2826251 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP 3 (mobile_malware.rules) 2826252 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Reporting via SMTP 2 (mobile_malware.rules) 2826253 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP 2 (mobile_malware.rules) [+++] Modify rules: 154 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1234 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2825135 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ac SMS Exfil via SMTP (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2823570 - ProApps TROJAN W32.Geodo/Emotet Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed May 3 19:59:19 2017 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 2 [+++] 2024267 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M2 Mar 3 2017 (current_events.rules) 2024269 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M4 Mar 3 2017 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed May 3 19:37:27 2017 [***] [+++] Added rules: 5 [+++] 2024233 - ProApps TROJAN Unknown Possibly Ransomware (Dropped by RIG) CnC Beacon (trojan.rules) 2024266 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M1 Mar 3 2017 (current_events.rules) 2024267 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M2 Mar 3 2017 (current_events.rules) 2024268 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M3 Mar 3 2017 (current_events.rules) 2024269 - ProApps CURRENT_EVENTS Successful Google App Oauth Phish M4 Mar 3 2017 (current_events.rules) [+++] Modify rules: 0 [+++] [+++] Removed rules: 1 [+++] 444444 - ProApps TROJAN Unknown Possibly Ransomware (Dropped by RIG) CnC Beacon (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed May 3 17:24:26 2017 [***] [+++] Added rules: 33 [+++] 2826215 - ProApps TROJAN Win32/TrojanDownloader.Delf.BQI Checkin (trojan.rules) 2826216 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826217 - ProApps TROJAN MSIL/Hidden-Tear Variant Ransomware (Lockify) CnC Checkin (trojan.rules) 2826218 - ProApps TROJAN MSIL/Hidden-Tear Variant CnC Checkin (trojan.rules) 2826219 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826220 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826221 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826222 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826223 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826224 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826225 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826226 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826227 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826228 - ProApps TROJAN Casper/LEAD DNS Lookup (trojan.rules) 2826229 - ProApps TROJAN Possible TorrentLocker Connectivity Check 1 (trojan.rules) 2826230 - ProApps TROJAN Possible TorrentLocker Connectivity Check 2 (trojan.rules) 2826231 - ProApps TROJAN Possible TorrentLocker Connectivity Check 3 (trojan.rules) 2826232 - ProApps TROJAN Unknown Stealer Checkin 2 (trojan.rules) 2826233 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contact Exfil via SMTP 2 (mobile_malware.rules) 2826234 - ProApps POLICY Known Vulnerable Intel AMT Version Detected Outbound (policy.rules) 2826235 - ProApps SCAN Possible Intel AMT Login Attempt Detected (scan.rules) 2826236 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey Contact Exfil via SMTP (mobile_malware.rules) 2826237 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey SMS Exfil via SMTP (mobile_malware.rules) 2826238 - ProApps MALWARE MSIL/PipOffers Adware/PUP Activity (malware.rules) 2826239 - ProApps MALWARE Observed Adware/PUP User-Agent (OfferCast) (malware.rules) 2826240 - ProApps TROJAN KONNI Checkin (trojan.rules) 2826241 - ProApps TROJAN KONNI Retrieving Payload (trojan.rules) 2826242 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 5 (mobile_malware.rules) 2826243 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 6 (mobile_malware.rules) 2826244 - ProApps CURRENT_EVENTS Astrum EK Landing M1 May 03 2017 (current_events.rules) 2826245 - ProApps CURRENT_EVENTS Astrum EK Landing M2 May 03 2017 (current_events.rules) 2826246 - ProApps CURRENT_EVENTS Astrum EK Payload Callback May 03 2017 (current_events.rules) 2826247 - ProApps CURRENT_EVENTS Astrum EK Payload May 03 2017 (current_events.rules) [+++] Modify rules: 16 [+++] 444444 - ProApps TROJAN Unknown Possibly Ransomware (Dropped by RIG) CnC Beacon (trojan.rules) 2003055 - ProApps POLICY Suspicious FTP 220 Banner on Local Port (-) (policy.rules) 2003466 - ProApps WEB_SERVER PHP Attack Tool Morfeus F Scanner (web_server.rules) 2003479 - ProApps POLICY Radmin Remote Control Session Setup Initiate (policy.rules) 2003481 - ProApps POLICY Radmin Remote Control Session Authentication Initiate (policy.rules) 2003482 - ProApps POLICY Radmin Remote Control Session Authentication Response (policy.rules) 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2003869 - ProApps SCAN ProxyReconBot CONNECT method to Mail (scan.rules) 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2008233 - ProApps TROJAN Common Downloader Install Report URL (farfly checkin) (trojan.rules) 2009949 - ProApps WEB_SERVER Tilde in URI - potential .pl source disclosure vulnerability (web_server.rules) 2009950 - ProApps WEB_SERVER Tilde in URI - potential .inc source disclosure vulnerability (web_server.rules) 2009951 - ProApps WEB_SERVER Tilde in URI - potential .conf source disclosure vulnerability (web_server.rules) 2009952 - ProApps WEB_SERVER Tilde in URI - potential .asp source disclosure vulnerability (web_server.rules) 2009953 - ProApps WEB_SERVER Tilde in URI - potential .aspx source disclosure vulnerability (web_server.rules) 2009955 - ProApps WEB_SERVER Tilde in URI - potential .php~ source disclosure vulnerability (web_server.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue May 2 17:21:22 2017 [***] [+++] Added rules: 12 [+++] 2826203 - ProApps TROJAN Trojan/AutoIT RMS Dropper Checkin (trojan.rules) 2826204 - ProApps MOBILE_MALWARE Monitor.AndroidOS.Hellospy.a CnC Beacon (mobile_malware.rules) 2826205 - ProApps TROJAN Possible Linux.Shishiga HTTP Fake 404 Response (trojan.rules) 2826206 - ProApps TROJAN Unknown Stealer Checkin (trojan.rules) 2826207 - ProApps TROJAN SMSDocu SSL Cert (trojan.rules) 2826208 - ProApps MOBILE_MALWARE Android.Riskware.SMSReg.FS CnC Beacon 2 (mobile_malware.rules) 2826209 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.mk Reporting via SMTP (mobile_malware.rules) 2826210 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ey Reporting via SMTP (mobile_malware.rules) 2826211 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Reporting via SMTP (mobile_malware.rules) 2826212 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj SMS Exfil via SMTP 5 (mobile_malware.rules) 2826213 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es SMS/Contact Exfil via SMTP (mobile_malware.rules) 2826214 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.es Reporting via SMTP (mobile_malware.rules) [+++] Modify rules: 157 [+++] 2018321 - ProApps TROJAN Saker UA (trojan.rules) 2022506 - ProApps EXPLOIT Possible CVE-2016-1287 Invalid Fragment Size Inbound (exploit.rules) 2022515 - ProApps EXPLOIT Possible CVE-2016-1287 Invalid Fragment Size Inbound 2 (exploit.rules) 2022516 - ProApps EXPLOIT Possible CVE-2016-1287 Invalid Fragment Size Inbound 3 (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1234 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5252 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon May 1 16:51:22 2017 [***] [+++] Added rules: 22 [+++] 2024265 - ProApps WEB_SERVER Jorgee Scan (web_server.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826183 - ProApps TROJAN APT.ChChes CnC Beacon 3 (trojan.rules) 2826184 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (app.lehigtapp .com) (trojan.rules) 2826185 - ProApps TROJAN ABUSE.CH TorrentLocker Payment Page (2ymh2gnnbg6pgq2r) (trojan.rules) 2826186 - ProApps TROJAN ABUSE.CH TorrentLocker Payment Domain (micronit . tw) (trojan.rules) 2826187 - ProApps TROJAN ABUSE.CH TorrentLocker Payment Domain (winregion . tw) (trojan.rules) 2826188 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (area.wthelpdesk .com) (trojan.rules) 2826189 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (dick.ccfchrist .com) (trojan.rules) 2826190 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (fukuoka.cloud-maste .com) (trojan.rules) 2826191 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (inspgon.re26 .com) (trojan.rules) 2826192 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (jepsen.r3u8 .com) (trojan.rules) 2826193 - ProApps TROJAN ABUSE.CH TorrentLocker Payment Domain (flackbon . tw) (trojan.rules) 2826194 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (jimin.jimindaddy .com) (trojan.rules) 2826195 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (kawasaki.unhamj .com) (trojan.rules) 2826196 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (nttdata.otzo .com) (trojan.rules) 2826197 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (sakai.unhamj .com) (trojan.rules) 2826198 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (scorpion.poulsenv .com) (trojan.rules) 2826199 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (trout.belowto .com) (trojan.rules) 2826200 - ProApps TROJAN APT10 Redleaves/PlugX/ChChes DNS Lookup (zebra.wthelpdesk .com) (trojan.rules) 2826201 - ProApps TROJAN Carbanak VBS/GGLDR v2 CnC Beacon 2 (trojan.rules) 2826202 - ProApps MALWARE Wizzcaster Adware/PUP Checkin M2 (malware.rules) [+++] Modify rules: 6 [+++] 2009949 - ProApps WEB_SERVER Tilde in URI - potential .pl source disclosure vulnerability (web_server.rules) 2009950 - ProApps WEB_SERVER Tilde in URI - potential .inc source disclosure vulnerability (web_server.rules) 2009951 - ProApps WEB_SERVER Tilde in URI - potential .conf source disclosure vulnerability (web_server.rules) 2009952 - ProApps WEB_SERVER Tilde in URI - potential .asp source disclosure vulnerability (web_server.rules) 2009953 - ProApps WEB_SERVER Tilde in URI - potential .aspx source disclosure vulnerability (web_server.rules) 2009955 - ProApps WEB_SERVER Tilde in URI - potential .php~ source disclosure vulnerability (web_server.rules) [+++] Removed rules: 2 [+++] 2008492 - ProApps TROJAN Win32.Downloader.pgp Checkin (trojan.rules) 2811710 - ProApps WEB_SERVER Jorgee Scan (web_server.rules) [***] ProApps Security IDS Rules Changelog started Fri Apr 28 17:16:28 2017 [***] [+++] Added rules: 25 [+++] 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 40669 Group 1 (botcc.portgrouped.rules) 2826160 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 1) (trojan.rules) 2826161 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 2) (trojan.rules) 2826162 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 3) (trojan.rules) 2826163 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 4) (trojan.rules) 2826164 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 5) (trojan.rules) 2826165 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 6) (trojan.rules) 2826166 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-28 7) (trojan.rules) 2826167 - ProApps TROJAN Possible Carbanak XOR Encoded Meterpreter (metsrv.dll) (trojan.rules) 2826168 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 83 (mobile_malware.rules) 2826169 - ProApps TROJAN DNS Query to Sage Domain (xcvkjet . com) (trojan.rules) 2826170 - ProApps TROJAN DNS Query to Cerber Domain (1nprob . top) (trojan.rules) 2826171 - ProApps TROJAN DNS Query to Cerber Domain (1fygsg . top) (trojan.rules) 2826172 - ProApps TROJAN DNS Query to Cerber Domain (1kyjw7 . top) (trojan.rules) 2826173 - ProApps TROJAN DNS Query to Cerber Domain (1mwvgh . top) (trojan.rules) 2826174 - ProApps TROJAN Possible Hajime Beacon (set) (trojan.rules) 2826175 - ProApps TROJAN Possible Hajime Beacon (trojan.rules) 2826176 - ProApps MOBILE_MALWARE Android Unknown Trojan-Spy CnC Beacon (mobile_malware.rules) 2826177 - ProApps MOBILE_MALWARE Android Unknown Trojan-Spy Contact Exfil (mobile_malware.rules) 2826178 - ProApps TROJAN Cobalt Strike Malleable C2 Amazon Profile (trojan.rules) 2826179 - ProApps CURRENT_EVENTS Successful Office 365 Phish Apr 28 2017 (current_events.rules) 2826180 - ProApps CURRENT_EVENTS Successful DHL Phish Apr 28 2017 (current_events.rules) 2826181 - ProApps CURRENT_EVENTS Successful UK Gov Tax Refund Phish Apr 28 2017 (current_events.rules) 2826182 - ProApps CURRENT_EVENTS Successful Verified by VISA Phish Apr 28 2017 (current_events.rules) [+++] Modify rules: 6 [+++] 2009949 - ProApps WEB_SERVER Tilde in URI - potential .pl source disclosure vulnerability (web_server.rules) 2009950 - ProApps WEB_SERVER Tilde in URI - potential .inc source disclosure vulnerability (web_server.rules) 2009951 - ProApps WEB_SERVER Tilde in URI - potential .conf source disclosure vulnerability (web_server.rules) 2009952 - ProApps WEB_SERVER Tilde in URI - potential .asp source disclosure vulnerability (web_server.rules) 2009953 - ProApps WEB_SERVER Tilde in URI - potential .aspx source disclosure vulnerability (web_server.rules) 2009955 - ProApps WEB_SERVER Tilde in URI - potential .php~ source disclosure vulnerability (web_server.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Apr 27 17:25:30 2017 [***] [+++] Added rules: 42 [+++] 2022987 - ProApps MALWARE LoadMoney Checkin 5 (malware.rules) 2024249 - ProApps MALWARE Loadmoney User Agent (malware.rules) 2024250 - ProApps MALWARE Loadmoney.A Checkin 1 (malware.rules) 2024251 - ProApps MALWARE Loadmoney.A Checkin 2 (malware.rules) 2024252 - ProApps MALWARE Loadmoney.A Checkin 3 (malware.rules) 2024253 - ProApps MALWARE Loadmoney.A Checkin 4 (malware.rules) 2024254 - ProApps MALWARE Loadmoney.A Checkin 6 (malware.rules) 2024255 - ProApps MALWARE Loadmoney.A Checkin 7 (malware.rules) 2024256 - ProApps MALWARE Loadmoney.A Checkin 5 (malware.rules) 2024257 - ProApps MALWARE Loadmoney.A Checkin 8 (malware.rules) 2024258 - ProApps MALWARE Loadmoney Checkin 1 (malware.rules) 2024259 - ProApps MALWARE Loadmoney Checkin 2 (malware.rules) 2024260 - ProApps MALWARE Win32.LoadMoney User Agent (malware.rules) 2024261 - ProApps MALWARE Loadmoney Checkin 3 (malware.rules) 2024262 - ProApps MALWARE Loadmoney Checkin 4 (malware.rules) 2024263 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024264 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2826135 - ProApps CURRENT_EVENTS Successful iCloud Phish Apr 27 2017 (current_events.rules) 2826136 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Apr 27 2017 (current_events.rules) 2826137 - ProApps CURRENT_EVENTS Successful Dropbox Phish Apr 27 2017 (current_events.rules) 2826138 - ProApps CURRENT_EVENTS Email Settings Verification Phishing Landing Apr 27 2017 (current_events.rules) 2826139 - ProApps CURRENT_EVENTS Successful Email Settings Verification Phish Apr 27 2017 (current_events.rules) 2826140 - ProApps CURRENT_EVENTS Adobe Protected PDF Phishing Landing Apr 27 2017 (current_events.rules) 2826141 - ProApps CURRENT_EVENTS Successful HM Revenue & Customs Phish Apr 27 2017 (current_events.rules) 2826142 - ProApps TROJAN Cobalt Strike Trial HTTP Response Header (X-Malware) (trojan.rules) 2826143 - ProApps TROJAN Cobalt Strike Trial HTTP Response Header (EICAR) (trojan.rules) 2826144 - ProApps CURRENT_EVENTS Successful Facebook Phish Apr 27 2017 (current_events.rules) 2826145 - ProApps TROJAN Malicious SSL Certificate Detected (CobaltStrike Dropper) (trojan.rules) 2826146 - ProApps CURRENT_EVENTS Successful Apple Phish Apr 27 2017 (current_events.rules) 2826147 - ProApps CURRENT_EVENTS Successful Paypal Phish Apr 27 2017 (current_events.rules) 2826148 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.o Contact Exfil (mobile_malware.rules) 2826149 - ProApps TROJAN Suspicious Word File Embedded in PDF - Possible Locky/Dridex (HTTP) (trojan.rules) 2826150 - ProApps TROJAN Suspicious Word File Embedded in PDF - Possible Locky/Dridex M1 (trojan.rules) 2826151 - ProApps TROJAN Suspicious Word File Embedded in PDF - Possible Locky/Dridex M2 (trojan.rules) 2826152 - ProApps TROJAN Suspicious Word File Embedded in PDF - Possible Locky/Dridex M3 (trojan.rules) 2826153 - ProApps TROJAN MSIL/ClipBanker.BT CnC Checkin (trojan.rules) 2826154 - ProApps TROJAN Cobalt Strike Malleable C2 Webbug Profile (trojan.rules) 2826155 - ProApps MALWARE Wizzcaster Adware/PUP Downloads Inbound (malware.rules) 2826156 - ProApps TROJAN JS Loader PE Download (trojan.rules) 2826157 - ProApps TROJAN JS Loader Payload Request (trojan.rules) 2826158 - ProApps CURRENT_EVENTS Successful Amazon Phish via JS Form in PDF Apr 27 2017 (current_events.rules) 2826159 - ProApps INFO Possible Successful Credential Phish via JS Form in PDF Apr 27 2017 (info.rules) [+++] Modify rules: 102 [+++] 2017787 - ProApps MOBILE_MALWARE Android.KorBanker Fake Banking App Install CnC Beacon (mobile_malware.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) [+++] Removed rules: 18 [+++] 2022911 - ProApps MALWARE LoadMoney User-Agent (malware.rules) 2022987 - ProApps TROJAN LoadMoney Checkin 3 (trojan.rules) 2805850 - ProApps TROJAN Loadmoney.A Checkin 1 (trojan.rules) 2805851 - ProApps TROJAN Loadmoney.A Checkin 2 (trojan.rules) 2806326 - ProApps TROJAN Loadmoney.A Checkin 3 (trojan.rules) 2806385 - ProApps TROJAN Loadmoney.A Checkin 4 (trojan.rules) 2807004 - ProApps TROJAN Loadmoney.A Checkin 6 (trojan.rules) 2807025 - ProApps TROJAN Loadmoney.A Checkin 7 (trojan.rules) 2807235 - ProApps TROJAN Loadmoney.A Checkin 5 (trojan.rules) 2808508 - ProApps TROJAN Loadmoney.A Checkin 8 (trojan.rules) 2809822 - ProApps TROJAN Loadmoney Checkin (trojan.rules) 2810086 - ProApps TROJAN Win32.Loadmoney Checkin 2 (trojan.rules) 2810094 - ProApps MALWARE Win32.LoadMoney User Agent (malware.rules) 2810544 - ProApps TROJAN Loadmoney Checkin 2 (trojan.rules) 2812429 - ProApps TROJAN Win32/Kryptik.DTJT Downloader GET (trojan.rules) 2812650 - ProApps MALWARE Win32/Kryptik.DUHH Variant Activity (malware.rules) 2814730 - ProApps MOBILE_MALWARE Android/TrojanDropper.Agent.EC Checkin (mobile_malware.rules) 2822127 - ProApps MOBILE_MALWARE Riskware Android/Packed.Jiagu.A Checkin (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Wed Apr 26 17:09:51 2017 [***] [+++] Added rules: 26 [+++] 2024247 - ProApps TROJAN Possible DANDERSPRITZ Default HTTP Headers (trojan.rules) 2024248 - ProApps TROJAN Possible DANDERSPRITZ HTTP Beacon (trojan.rules) 2826111 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 82 (mobile_malware.rules) 2826112 - ProApps MOBILE_MALWARE Android/SMForw.RL Contact Exfil (mobile_malware.rules) 2826113 - ProApps CURRENT_EVENTS Successful Administrator Password Reset Phish Apr 26 2017 (current_events.rules) 2826114 - ProApps CURRENT_EVENTS Successful Netflix Payment Information Phish Apr 26 2017 (current_events.rules) 2826115 - ProApps CURRENT_EVENTS Successful National Australia Bank Phish M1 Apr 26 2017 (current_events.rules) 2826116 - ProApps CURRENT_EVENTS Successful National Australia Bank Phish M2 Apr 26 2017 (current_events.rules) 2826117 - ProApps TROJAN Linux.Shishiga HTTP Checkin (trojan.rules) 2826118 - ProApps CURRENT_EVENTS Successful Paypal Phish Apr 26 2017 (current_events.rules) 2826119 - ProApps POLICY DeskShare Desktop Sharing Tool Checkin (policy.rules) 2826120 - ProApps TROJAN DNS Query to Sage Domain (qlkrwn . com) (trojan.rules) 2826121 - ProApps TROJAN DNS Query to Cerber Domain (1c1ajf . top) (trojan.rules) 2826122 - ProApps TROJAN DNS Query to Cerber Domain (1nkkem . top) (trojan.rules) 2826123 - ProApps TROJAN MSIL/Unk.CoinMiner CnC Install Activity (trojan.rules) 2826124 - ProApps TROJAN DNS Query to Cerber Domain (17u2yg . top) (trojan.rules) 2826125 - ProApps TROJAN DNS Query to Cerber Domain (17m14u . top) (trojan.rules) 2826126 - ProApps TROJAN DNS Query to Cerber Domain (1mee2x . top) (trojan.rules) 2826127 - ProApps TROJAN DNS Query to Cerber Domain (1g6evx . top) (trojan.rules) 2826128 - ProApps TROJAN DNS Query to Cerber Domain (13bi2c . top) (trojan.rules) 2826129 - ProApps TROJAN DNS Query to Cerber Domain (1j43kf . top) (trojan.rules) 2826130 - ProApps TROJAN DNS Query to Cerber Domain (1evjph . top) (trojan.rules) 2826131 - ProApps TROJAN DNS Query to Cerber Domain (1fnjrj . top) (trojan.rules) 2826132 - ProApps TROJAN DNS Query to Cerber Domain (14szpx . top) (trojan.rules) 2826133 - ProApps CURRENT_EVENTS Astrum EK Activity M1 Apr 26 2017 (current_events.rules) 2826134 - ProApps CURRENT_EVENTS Astrum EK Activity M2 Apr 26 2017 (current_events.rules) [+++] Modify rules: 104 [+++] 2020962 - ProApps TROJAN CozyDuke APT HTTP Checkin (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2814860 - ProApps TROJAN njRAT/Bladabindi CnC Callback (act) (trojan.rules) 2815563 - ProApps CURRENT_EVENTS Base64 Javascript URL Refresh - Common Phish Landing Obfuscation Dec 31 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Apr 25 17:40:24 2017 [***] [+++] Added rules: 21 [+++] 2024239 - ProApps TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules) 2024240 - ProApps INFO ARM File Requested via WGET (set) (info.rules) 2024241 - ProApps TROJAN ARM Binary Downloaded via WGET Containing Suspicious Netcat Command - Possible IoT Malware (trojan.rules) 2024242 - ProApps TROJAN ARM Binary Downloaded via WGET Containing GoAhead and Multiple Camera RCE 0Day Vulnerabilities (trojan.rules) 2024243 - ProApps TROJAN ARM Binary Requested via WGET to Known IoT Malware Domain (trojan.rules) 2024244 - ProApps TROJAN Known IoT Malware Domain (trojan.rules) 2024245 - ProApps TROJAN Known IoT Malware Domain (trojan.rules) 2024246 - ProApps TROJAN Observed Malicious SSL cert (pyteHole Ransomware) (trojan.rules) 2826098 - ProApps MOBILE_MALWARE Android/Monitor.Drower.B SMS Exfil (mobile_malware.rules) 2826099 - ProApps TROJAN MSIL/Spy.Agent.AUE Checkin (trojan.rules) 2826100 - ProApps MOBILE_MALWARE Android.Adware.Wapsx.A CnC Beacon (mobile_malware.rules) 2826101 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 81 (mobile_malware.rules) 2826102 - ProApps MOBILE_MALWARE Android.Trojan.Fjcon.D Checkin (mobile_malware.rules) 2826103 - ProApps MOBILE_MALWARE Android.Adware.Dowgin.gQAM Checkin (mobile_malware.rules) 2826104 - ProApps CURRENT_EVENTS Successful Mobile Banco do Brasil Phish Apr 25 2017 (current_events.rules) 2826105 - ProApps TROJAN Generic njRAT/Bladabindi CnC Activity (li) (trojan.rules) 2826106 - ProApps TROJAN Generic njRAT/Bladabindi CnC Activity (prof) (trojan.rules) 2826107 - ProApps TROJAN Generic njRAT/Bladabindi CnC Activity (infn) (trojan.rules) 2826108 - ProApps CURRENT_EVENTS Successful Dropbox Phish Apr 25 2017 (current_events.rules) 2826109 - ProApps CURRENT_EVENTS Successful OWA Phish Apr 25 2017 (current_events.rules) 2826110 - ProApps CURRENT_EVENTS Successful Snapchat Phish Apr 25 2017 (current_events.rules) [+++] Modify rules: 103 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2814860 - ProApps TROJAN njRAT/Bladabindi CnC Callback (act) (trojan.rules) 2819864 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Batmob.b Checkin (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2825462 - ProApps TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Apr 24 18:44:37 2017 [***] [+++] Added rules: 100 [+++] 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) [+++] Modify rules: 0 [+++] [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Apr 24 17:27:36 2017 [***] [+++] Added rules: 18 [+++] 2024236 - ProApps INFO SMTP PDF Attachment Flowbit Set (info.rules) 2024237 - ProApps CURRENT_EVENTS ElTest Exploit Kit Redirection Script (current_events.rules) 2024238 - ProApps CURRENT_EVENTS HoeflerText Chrome Popup DriveBy Download Attempt (current_events.rules) 2826083 - ProApps TROJAN Docm File Autolaunching from PDF via JS - Possible Locky/Dridex M1 (trojan.rules) 2826084 - ProApps TROJAN Docm File Autolaunching from PDF via JS - Possible Locky/Dridex M2 (trojan.rules) 2826085 - ProApps TROJAN Docm File Autolaunching from PDF via JS - Possible Locky/Dridex M3 (trojan.rules) 2826086 - ProApps CURRENT_EVENTS Successful Navy Federal Phish Apr 21 2017 (current_events.rules) 2826087 - ProApps CURRENT_EVENTS Evil Redirector Leading to Malicious Download Apr 19 2017 (current_events.rules) 2826088 - ProApps CURRENT_EVENTS Successful Orange.fr Phish Apr 24 2017 (current_events.rules) 2826089 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 78 (mobile_malware.rules) 2826090 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 79 (mobile_malware.rules) 2826091 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 80 (mobile_malware.rules) 2826092 - ProApps EXPLOIT Possible Edge SOP Bypass UXSS (exploit.rules) 2826093 - ProApps MOBILE_MALWARE Android/TrojanDropper.Agent.AXD CnC Beacon (mobile_malware.rules) 2826094 - ProApps TROJAN Unknown MalDoc Drop CnC Callback (trojan.rules) 2826095 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Apr 24 2017 (current_events.rules) 2826096 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Apr 24 2017 (current_events.rules) 2826097 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Apr 24 2017 (current_events.rules) [+++] Modify rules: 39 [+++] 2020786 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 85 (trojan.rules) 2023576 - ProApps TROJAN Locky CnC Checkin Dec 5 M1 (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2815189 - ProApps MOBILE_MALWARE Android/Agent.OS Checkin (mobile_malware.rules) 2826055 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh DNS Lookup (mobile_malware.rules) [+++] Removed rules: 100 [+++] 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Fri Apr 21 17:21:40 2017 [***] [+++] Added rules: 23 [+++] 444444 - ProApps TROJAN Unknown Possibly Ransomware (Dropped by RIG) CnC Beacon (trojan.rules) 2003055 - ProApps POLICY Suspicious FTP 220 Banner on Local Port (-) (policy.rules) 2024231 - ProApps CURRENT_EVENTS Successful iCloud Phish Apr 20 2017 (current_events.rules) 2024232 - ProApps CURRENT_EVENTS Successful Alitalia Airline Phish Apr 20 2017 (current_events.rules) 2024234 - ProApps EXPLOIT BlueCoat CAS v1.3.7.1 Report Email Command Injection attempt (exploit.rules) 2024235 - ProApps INFO DNS Query to Free Hosting Domain (freevnn . com) (info.rules) 2826066 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2826067 - ProApps MALWARE Win32/MyCleanPC.A PUP Checkin (malware.rules) 2826068 - ProApps MALWARE Win32/PUP User-Agent (USTechsupportStub) (malware.rules) 2826069 - ProApps TROJAN Ipdlacsing Checkin (trojan.rules) 2826070 - ProApps TROJAN Unknown Downloader Dropped by CVE-2017-0199 (trojan.rules) 2826071 - ProApps MOBILE_MALWARE RiskTool.AndroidOS.SmsPay.ek CnC Beacon (mobile_malware.rules) 2826072 - ProApps MOBILE_MALWARE Android/Adware.Kuguo.C Checkin 2 (mobile_malware.rules) 2826073 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2826074 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2826075 - ProApps TROJAN Zloader Domain in SNI (trojan.rules) 2826076 - ProApps TROJAN DNS Query to Cerber Domain (1m3xsy . top) (trojan.rules) 2826077 - ProApps TROJAN DNS Query to Cerber Domain (12bxp9 . top) (trojan.rules) 2826078 - ProApps TROJAN DNS Query to Cerber Domain (1jpb8w . top) (trojan.rules) 2826079 - ProApps TROJAN DNS Query to Cerber Domain (19hj4f . top) (trojan.rules) 2826080 - ProApps CURRENT_EVENTS Successful TD Bank Phish M1 Apr 21 2017 (current_events.rules) 2826081 - ProApps CURRENT_EVENTS Successful TD Bank Phish M2 Apr 21 2017 (current_events.rules) 2826082 - ProApps TROJAN Unknown Backdoor Checkin (trojan.rules) [+++] Modify rules: 105 [+++] 2011582 - ProApps POLICY Vulnerable Java Version 1.6.x Detected (policy.rules) 2014297 - ProApps POLICY Vulnerable Java Version 1.7.x Detected (policy.rules) 2019401 - ProApps POLICY Vulnerable Java Version 1.8.x Detected (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2809063 - ProApps MOBILE_MALWARE DroidKungFu Checkin 5 (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2003055 - ProApps MALWARE Suspicious FTP 220 Banner on Local Port (-) (malware.rules) [***] ProApps Security IDS Rules Changelog started Thu Apr 20 17:40:36 2017 [***] [+++] Added rules: 34 [+++] 2024227 - ProApps INFO Lets Encrypt Free SSL Cert Observed with IDN/Punycode Domain - Possible Phishing (info.rules) 2024228 - ProApps INFO Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 (info.rules) 2024229 - ProApps CURRENT_EVENTS Known Malicious Expires Header Seen In Malicious JavaScript Downloader Campaign (current_events.rules) 2024230 - ProApps CURRENT_EVENTS iCloud Phishing Landing Sept 2 2016 (current_events.rules) 2826036 - ProApps CURRENT_EVENTS Successful Generic SSN Financial Phish Apr 19 2017 (current_events.rules) 2826037 - ProApps CURRENT_EVENTS Successful Dropbox Phish Apr 19 (current_events.rules) 2826038 - ProApps CURRENT_EVENTS Successful Adobe Phish Apr 19 2017 (current_events.rules) 2826039 - ProApps CURRENT_EVENTS Successful Google Drive Phish Apr 19 2017 (current_events.rules) 2826040 - ProApps CURRENT_EVENTS Successful Western Union Phish M1 Apr 20 2017 (current_events.rules) 2826041 - ProApps CURRENT_EVENTS Successful Western Union Phish M2 Apr 20 2017 (current_events.rules) 2826042 - ProApps CURRENT_EVENTS Successful Western Union Phish M3 Apr 20 2017 (current_events.rules) 2826043 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Apr 20 2017 (current_events.rules) 2826044 - ProApps TROJAN Oilrig VBS DNS Lookup (trojan.rules) 2826045 - ProApps MALWARE PUP Win32/ELEX Checkin 3 (malware.rules) 2826046 - ProApps MOBILE_MALWARE Android.Trojan.SLocker.TX CnC Beacon (mobile_malware.rules) 2826047 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Rootnik.bw CnC Beacon (mobile_malware.rules) 2826048 - ProApps CURRENT_EVENTS Microsoft Word Nemucod Phishing Landing Apr 20 2017 (current_events.rules) 2826049 - ProApps CURRENT_EVENTS Successful Nemucod Zipped JS Download - Possible Miuref/Kovter/Panda Banker Apr 20 2017 (current_events.rules) 2826050 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2826051 - ProApps MOBILE_MALWARE Android.Trojan.Agent.EZ CnC Beacon (mobile_malware.rules) 2826052 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2826053 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.zs Checkin (mobile_malware.rules) 2826054 - ProApps EXPLOIT Huawei HG532n - Enable Portmapping (exploit.rules) 2826055 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Boogr.gsh DNS Lookup (mobile_malware.rules) 2826056 - ProApps TROJAN DNS Query to Cerber Domain (1j2ien . top) (trojan.rules) 2826057 - ProApps TROJAN DNS Query to Cerber Domain (12smak . top) (trojan.rules) 2826058 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2826059 - ProApps TROJAN DNS Query to Cerber Domain (15bjqq . top) (trojan.rules) 2826060 - ProApps TROJAN DNS Query to Cerber Domain (1ms2rx . top) (trojan.rules) 2826061 - ProApps MOBILE_MALWARE Android.Trojan.Guerrilla.n Checkin (mobile_malware.rules) 2826062 - ProApps TROJAN DNS Query to Cerber Domain (12zucf . top) (trojan.rules) 2826063 - ProApps TROJAN DNS Query to Cerber Domain (1ntyds . top) (trojan.rules) 2826064 - ProApps TROJAN DNS Query to Cerber Domain (1c7osg . top) (trojan.rules) 2826065 - ProApps TROJAN DNS Query to Cerber Domain (1cnkik . top) (trojan.rules) [+++] Modify rules: 104 [+++] 2024104 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2810640 - ProApps MOBILE_MALWARE Android.Riskware.SMSReg.BW Checkin (mobile_malware.rules) 2815174 - ProApps CURRENT_EVENTS Successful iCloud Phish Dec 2 (current_events.rules) [+++] Removed rules: 10 [+++] 2821995 - ProApps CURRENT_EVENTS iCloud Phishing Landing Sept 2 2016 (current_events.rules) 2824170 - ProApps TROJAN DNS Query to Cerber Domain (1bpfr1 . top) (trojan.rules) 2824490 - ProApps TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules) 2824491 - ProApps TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules) 2824492 - ProApps TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules) 2824494 - ProApps TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules) 2824495 - ProApps TROJAN DNS Query to Cerber Domain (15rnwa . top) (trojan.rules) 2824498 - ProApps TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules) 2824499 - ProApps TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules) 2824500 - ProApps TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed Apr 19 17:10:27 2017 [***] [+++] Added rules: 10 [+++] 2024223 - ProApps TROJAN MSIL/Runsome Ransomware CnC Checkin (trojan.rules) 2024224 - ProApps WEB_CLIENT Office Requesting .HTA File Likely CVE-2017-0199 Request (web_client.rules) 2024225 - ProApps WEB_CLIENT Office UA FB SET (web_client.rules) 2024226 - ProApps WEB_CLIENT Office Discovery HTA file Likely CVE-2017-0199 Request M2 (web_client.rules) 2826030 - ProApps TROJAN GOBLIN PANDA Looc CnC Beacon (trojan.rules) 2826031 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 76 (mobile_malware.rules) 2826032 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 77 (mobile_malware.rules) 2826033 - ProApps MOBILE_MALWARE Android/SMSreg.GB Checkin 3 (mobile_malware.rules) 2826034 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 M5 (current_events.rules) 2826035 - ProApps MALWARE Win32/Adware.Weiduan HTTP POST (malware.rules) [+++] Modify rules: 105 [+++] 2000345 - ProApps TROJAN IRC Nick change on non-standard port (trojan.rules) 2000347 - ProApps TROJAN IRC Private message on non-standard port (trojan.rules) 2019545 - ProApps TROJAN Sofacy Request Outbound (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2826002 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 M3 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Apr 18 17:16:14 2017 [***] [+++] Added rules: 22 [+++] 2024217 - ProApps EXPLOIT Possible ETERNALBLUE MS17-010 Heap Spray (exploit.rules) 2024218 - ProApps EXPLOIT Possible ETERNALBLUE MS17-010 Echo Response (exploit.rules) 2024219 - ProApps EXPLOIT Possible ETERNALROMANCE MS17-010 Heap Spray (exploit.rules) 2024220 - ProApps EXPLOIT Possible ETERNALBLUE MS17-010 Echo Request (set) (exploit.rules) 2024221 - ProApps TROJAN Possible Malicious Gzip PowerShell over HTTP (trojan.rules) 2024222 - ProApps EXPLOIT Possible EXPLODINGCAN IIS5.0/6.0 Exploit Attempt (exploit.rules) 2826014 - ProApps CURRENT_EVENTS Successful Multi Email Account Dropbox - Gmail Credentials Phish Apr 17 2017 (current_events.rules) 2826015 - ProApps CURRENT_EVENTS Successful Multi Email Account Dropbox - Other Credentials Phish Apr 17 2017 (current_events.rules) 2826016 - ProApps CURRENT_EVENTS Successful Multi Email Account Dropbox Phish Apr 17 2017 (current_events.rules) 2826017 - ProApps CURRENT_EVENTS Successful Groupwise Phish Apr 17 2017 (current_events.rules) 2826018 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Fyec.bna CnC Beacon (mobile_malware.rules) 2826019 - ProApps TROJAN PowerShell Empire SSL Cert (trojan.rules) 2826020 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Fyec.bna CnC Beacon 2 (mobile_malware.rules) 2826021 - ProApps CURRENT_EVENTS Successful Find My iPhone Phish Apr 18 2017 (current_events.rules) 2826022 - ProApps MOBILE_MALWARE PUA Android/SMSreg.VR Checkin (mobile_malware.rules) 2826023 - ProApps TROJAN MSIL/XnxxAgent Spam Bot Checkin M1 (trojan.rules) 2826024 - ProApps TROJAN MSIL/XnxxAgent Spam Bot Checkin M2 (trojan.rules) 2826025 - ProApps CURRENT_EVENTS Possible Magnitude EK Apr 04 2017 M3 (current_events.rules) 2826026 - ProApps TROJAN MSIL/Softmalaria Trojan CnC Checkin (trojan.rules) 2826027 - ProApps MALWARE MSIL/TrojanClicker.AdShow.NQB Initial Redirect Activity (malware.rules) 2826028 - ProApps TROJAN Malicious SSL Certificate Observed (Unknown Banker Injects) (trojan.rules) 2826029 - ProApps TROJAN Malicious SSL Certificate Observed (Unknown Banker) (trojan.rules) [+++] Modify rules: 106 [+++] 2015972 - ProApps CURRENT_EVENTS Successful PayPal Account Phish (current_events.rules) 2015980 - ProApps CURRENT_EVENTS Successful Google Account Phish (current_events.rules) 2016063 - ProApps CURRENT_EVENTS Successful PayPal Account Phish (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2812067 - ProApps TROJAN SOGU DNS CnC Channel TXT Lookup (trojan.rules) 2822401 - ProApps CURRENT_EVENTS Successful Apple Global Service Exchange Phish Oct 04 2016 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Apr 17 18:38:48 2017 [***] [+++] Added rules: 24 [+++] 2024206 - ProApps TROJAN Quant Loader Download Response M2 (trojan.rules) 2024207 - ProApps EXPLOIT Possible Successful ETERNALROMANCE MS17-010 - Windows Executable Observed (exploit.rules) 2024208 - ProApps EXPLOIT Possible ETERNALROMANCE MS17-010 (exploit.rules) 2024212 - ProApps EXPLOIT Possible ETERNALCHAMPION MS17-010 Sync Request (set) (exploit.rules) 2024213 - ProApps EXPLOIT Possible ETERNALCHAMPION MS17-010 Sync Response (exploit.rules) 2024214 - ProApps EXPLOIT Possible ECLIPSEDWING RPCTOUCH MS08-067 (exploit.rules) 2024215 - ProApps EXPLOIT Possible ECLIPSEDWING MS08-067 (exploit.rules) 2024216 - ProApps EXPLOIT Possible DOUBLEPULSAR Beacon Response (exploit.rules) 2825990 - ProApps TROJAN MSIL/Possessor Keylogger HTTP Logging (trojan.rules) 2825991 - ProApps TROJAN MSIL/Possessor Keylogger Retrieving Commands via FTP (trojan.rules) 2825992 - ProApps TROJAN MSIL/Possessor Keylogger Reporting External IP (trojan.rules) 2825993 - ProApps TROJAN MSIL/Possessor Keylogger HTTP Logging M2 (trojan.rules) 2825994 - ProApps TROJAN MSIL/Possessor Keylogger Generating Logs via FTP (trojan.rules) 2825995 - ProApps TROJAN Win32/TeamSpy CnC Checkin (trojan.rules) 2825996 - ProApps TROJAN Win32/TeamSpy CnC Keep-Alive (Outbound) (trojan.rules) 2825997 - ProApps TROJAN Malicious JS Download Response (trojan.rules) 2825998 - ProApps TROJAN Malicious JS Download Request (trojan.rules) 2825999 - ProApps TROJAN Observed Malicious Domain SSL Cert in SNI (Steam PWS CnC) (trojan.rules) 2826000 - ProApps MOBILE_MALWARE Android/HiddenApp.BF CnC Beacon (mobile_malware.rules) 2826001 - ProApps MOBILE_MALWARE Android/Kemoge Checkin 4 (mobile_malware.rules) 2826002 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 M3 (current_events.rules) 2826003 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 M4 (current_events.rules) 2826004 - ProApps TROJAN Malicious Fake Browser Update JS Download Response (trojan.rules) 2826005 - ProApps TROJAN MSIL/Trik Backdoor IRC Checkin (trojan.rules) [+++] Modify rules: 141 [+++] 2012118 - ProApps INFO http string in hex Possible Obfuscated Exploit Redirect (info.rules) 2013436 - ProApps INFO Redirection to driveby Page Home index.php (info.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825619 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Checkin (trojan.rules) 2825620 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Activity (trojan.rules) 2825625 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Activity M2 (trojan.rules) 2825945 - ProApps CURRENT_EVENTS Successful Impots. gouv. fr Phish Apr 13 2017 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Apr 14 16:42:18 2017 [***] [+++] Added rules: 38 [+++] 2012118 - ProApps INFO http string in hex Possible Obfuscated Exploit Redirect (info.rules) 2013436 - ProApps INFO Redirection to driveby Page Home index.php (info.rules) 2024205 - ProApps TROJAN Win32/Cradle Ransomware Onion Domain (trojan.rules) 2825955 - ProApps TROJAN DNS Query to Cerber Domain (1npg9s . top) (trojan.rules) 2825956 - ProApps TROJAN DNS Query to Cerber Domain (1nhkou . top) (trojan.rules) 2825957 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-13 1) (trojan.rules) 2825958 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-13 2) (trojan.rules) 2825959 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-13 3) (trojan.rules) 2825960 - ProApps CURRENT_EVENTS Successful Blockchain Phish Apr 13 2017 (current_events.rules) 2825961 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2825962 - ProApps CURRENT_EVENTS Successful Santander Phish Apr 14 2017 (current_events.rules) 2825963 - ProApps CURRENT_EVENTS Successful Caixa Bank (BR) Phish Apr 14 2017 (current_events.rules) 2825964 - ProApps CURRENT_EVENTS Successful Fedex Phish Apr 14 2017 (current_events.rules) 2825965 - ProApps CURRENT_EVENTS Secure Download Phishing Landing Apr 14 2017 (current_events.rules) 2825966 - ProApps CURRENT_EVENTS Successful Apple Phish Apr 14 2017 (current_events.rules) 2825967 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 55 (mobile_malware.rules) 2825968 - ProApps CURRENT_EVENTS Successful Admin Server Portal Phish Apr 14 2017 (current_events.rules) 2825969 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 56 (mobile_malware.rules) 2825970 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 57 (mobile_malware.rules) 2825971 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 58 (mobile_malware.rules) 2825972 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 59 (mobile_malware.rules) 2825973 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 60 (mobile_malware.rules) 2825974 - ProApps CURRENT_EVENTS Successful Instagram Phish Apr 14 2017 (current_events.rules) 2825975 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 61 (mobile_malware.rules) 2825976 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 62 (mobile_malware.rules) 2825977 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 63 (mobile_malware.rules) 2825978 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 64 (mobile_malware.rules) 2825979 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 65 (mobile_malware.rules) 2825980 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 66 (mobile_malware.rules) 2825981 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 67 (mobile_malware.rules) 2825982 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 68 (mobile_malware.rules) 2825983 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 69 (mobile_malware.rules) 2825984 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 70 (mobile_malware.rules) 2825985 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 71 (mobile_malware.rules) 2825986 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 72 (mobile_malware.rules) 2825987 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 73 (mobile_malware.rules) 2825988 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 74 (mobile_malware.rules) 2825989 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 75 (mobile_malware.rules) [+++] Modify rules: 130 [+++] 2023612 - ProApps TROJAN Ransomware/Cerber Checkin M3 (1) (trojan.rules) 2023613 - ProApps TROJAN Ransomware/Cerber Checkin M3 (2) (trojan.rules) 2023614 - ProApps TROJAN Ransomware/Cerber Checkin M3 (3) (trojan.rules) 2023615 - ProApps TROJAN Ransomware/Cerber Checkin M3 (4) (trojan.rules) 2023616 - ProApps TROJAN Ransomware/Cerber Checkin M3 (5) (trojan.rules) 2023617 - ProApps TROJAN Ransomware/Cerber Checkin M3 (6) (trojan.rules) 2023618 - ProApps TROJAN Ransomware/Cerber Checkin M3 (7) (trojan.rules) 2023619 - ProApps TROJAN Ransomware/Cerber Checkin M3 (8) (trojan.rules) 2023620 - ProApps TROJAN Ransomware/Cerber Checkin M3 (9) (trojan.rules) 2023621 - ProApps TROJAN Ransomware/Cerber Checkin M3 (10) (trojan.rules) 2023622 - ProApps TROJAN Ransomware/Cerber Checkin M3 (11) (trojan.rules) 2023623 - ProApps TROJAN Ransomware/Cerber Checkin M3 (12) (trojan.rules) 2023624 - ProApps TROJAN Ransomware/Cerber Checkin M3 (13) (trojan.rules) 2023625 - ProApps TROJAN Ransomware/Cerber Checkin M3 (14) (trojan.rules) 2023626 - ProApps TROJAN Ransomware/Cerber Checkin M3 (15) (trojan.rules) 2023627 - ProApps TROJAN Ransomware/Cerber Checkin M3 (16) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2824707 - ProApps TROJAN Possible CobaltStrike CnC Beacon (Fake Safe Browsing) (trojan.rules) 2825619 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Checkin (trojan.rules) 2825620 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Activity (trojan.rules) 2825625 - ProApps TROJAN PyCL/Fatboy Python Ransomware CnC Activity M2 (trojan.rules) 2825929 - ProApps TROJAN MSIL/Remcos RAT CnC Checkin (trojan.rules) 2825930 - ProApps TROJAN MSIL/Remcos RAT CnC Keep-Alive (Inbound) (trojan.rules) 2825931 - ProApps TROJAN MSIL/Remcos RAT CnC Keep-Alive (Outbound) (trojan.rules) 2825932 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Init Screenshot (trojan.rules) 2825933 - ProApps TROJAN MSIL/Remcos RAT CnC Sending Init Screenshot (trojan.rules) 2825934 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Screenshot (trojan.rules) 2825935 - ProApps TROJAN MSIL/Remcos RAT CnC Sending Screenshot (trojan.rules) 2825936 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Uninstall (trojan.rules) 2825945 - ProApps CURRENT_EVENTS Successful Impots. gouv. fr Phish Apr 13 2017 (current_events.rules) [+++] Removed rules: 2 [+++] 2012118 - ProApps CURRENT_EVENTS http string in hex Likely Obfuscated Exploit Redirect (current_events.rules) 2013436 - ProApps CURRENT_EVENTS Redirection to driveby Page Home index.php (current_events.rules) [***] ProApps Security IDS Rules Changelog started Thu Apr 13 16:51:21 2017 [***] [+++] Added rules: 35 [+++] 2024204 - ProApps TROJAN MSIL/Hidden-Tear Variant Ransomware CnC Checkin (trojan.rules) 2825921 - ProApps CURRENT_EVENTS Successful Paypal Phish Apr 12 2017 (current_events.rules) 2825922 - ProApps CURRENT_EVENTS Successful Santander Phish Apr 12 2017 (current_events.rules) 2825923 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.FY CnC Beacon (mobile_malware.rules) 2825924 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.FY CnC Beacon 2 (mobile_malware.rules) 2825925 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.FY CnC Beacon 3 (mobile_malware.rules) 2825926 - ProApps TROJAN Callisto RCS CnC Beacon 1 (trojan.rules) 2825927 - ProApps TROJAN RCS Variant CnC Beacon (trojan.rules) 2825928 - ProApps MOBILE_MALWARE PUA Android/SMSreg.UX CnC Beacon (mobile_malware.rules) 2825929 - ProApps TROJAN MSIL/Remcos RAT CnC Checkin (trojan.rules) 2825930 - ProApps TROJAN MSIL/Remcos RAT CnC Keep-Alive (Inbound) (trojan.rules) 2825931 - ProApps TROJAN MSIL/Remcos RAT CnC Keep-Alive (Outbound) (trojan.rules) 2825932 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Init Screenshot (trojan.rules) 2825933 - ProApps TROJAN MSIL/Remcos RAT CnC Sending Init Screenshot (trojan.rules) 2825934 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Screenshot (trojan.rules) 2825935 - ProApps TROJAN MSIL/Remcos RAT CnC Sending Screenshot (trojan.rules) 2825936 - ProApps TROJAN MSIL/Remcos RAT CnC Requesting Uninstall (trojan.rules) 2825937 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Apr 13 2017 (current_events.rules) 2825938 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Apr 13 2017 (current_events.rules) 2825939 - ProApps CURRENT_EVENTS Successful Apple Phish M3 Apr 13 2017 (current_events.rules) 2825940 - ProApps CURRENT_EVENTS Successful Amazon Phish M1 Apr 13 2017 (current_events.rules) 2825941 - ProApps CURRENT_EVENTS Successful Amazon Phish M2 Apr 13 2017 (current_events.rules) 2825942 - ProApps CURRENT_EVENTS Successful Fortuneo Banque (FR) Phish Apr 13 2017 (current_events.rules) 2825943 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2825944 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2825945 - ProApps CURRENT_EVENTS Successful Impots.gouv.fr Phish Apr 13 2017 (current_events.rules) 2825946 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 46 (mobile_malware.rules) 2825947 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 47 (mobile_malware.rules) 2825948 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 48 (mobile_malware.rules) 2825949 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 49 (mobile_malware.rules) 2825950 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 50 (mobile_malware.rules) 2825951 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 51 (mobile_malware.rules) 2825952 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 52 (mobile_malware.rules) 2825953 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 53 (mobile_malware.rules) 2825954 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 54 (mobile_malware.rules) [+++] Modify rules: 106 [+++] 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2023335 - ProApps TROJAN Nuke Ransomware Checkin (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2808718 - ProApps TROJAN Backdoor.Win32/Turla.A Checkin (trojan.rules) 2824707 - ProApps TROJAN Possible CobaltStrike CnC Beacon (Fake Safe Browsing) (trojan.rules) 2825898 - ProApps TROJAN Win32.APosT.em DocStealer Retrieving Plugin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Apr 12 18:42:50 2017 [***] [+++] Added rules: 24 [+++] 2024203 - ProApps TROJAN Win32/Mole Ransomware CnC Beacon (trojan.rules) 2825898 - ProApps TROJAN Win32.APosT.em DocStealer Retrieving Plugin (trojan.rules) 2825899 - ProApps TROJAN MSIL/Unk.PWSDL Initial CnC Checkin (trojan.rules) 2825900 - ProApps TROJAN MSIL/Unk.PWSDL Main CnC Checkin (trojan.rules) 2825901 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 34 (mobile_malware.rules) 2825902 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 35 (mobile_malware.rules) 2825903 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 36 (mobile_malware.rules) 2825904 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 37 (mobile_malware.rules) 2825905 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 38 (mobile_malware.rules) 2825906 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 40 (mobile_malware.rules) 2825907 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 41 (mobile_malware.rules) 2825908 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 42 (mobile_malware.rules) 2825909 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 43 (mobile_malware.rules) 2825910 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 44 (mobile_malware.rules) 2825911 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 45 (mobile_malware.rules) 2825912 - ProApps MALWARE Unknown Downloader Retrieving URL List (malware.rules) 2825913 - ProApps TROJAN Unknown Downloader Request (trojan.rules) 2825914 - ProApps CURRENT_EVENTS Successful Paypal Phish Apr 12 2017 (current_events.rules) 2825915 - ProApps CURRENT_EVENTS Successful Facebook Payment Update Phish Apr 12 2017 (current_events.rules) 2825916 - ProApps CURRENT_EVENTS Successful Santander Phish Apr 11 2017 (current_events.rules) 2825917 - ProApps CURRENT_EVENTS Successful Restore Missing Messages Phish Apr 12 2017 (current_events.rules) 2825918 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Fyec.bps CnC Beacon (mobile_malware.rules) 2825919 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) Phish Apr 12 2017 (current_events.rules) 2825920 - ProApps CURRENT_EVENTS Successful Administrator Quarterly Verification Phish Apr 12 2017 (current_events.rules) [+++] Modify rules: 110 [+++] 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2015946 - ProApps CURRENT_EVENTS CrimeBoss - Setup (current_events.rules) 2024197 - ProApps CURRENT_EVENTS SUSPICIOUS MSXMLHTTP DL of HTA (Observed in RTF 0-day ) (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2814578 - ProApps DNS SkullSecurity Encrypted Shell Possible Tunnel 2 (dns.rules) 2814905 - ProApps DNS SkullSecurity Encrypted Shell Possible Tunnel 3 (dns.rules) 2814906 - ProApps DNS SkullSecurity Encrypted Shell Possible Tunnel 4 (dns.rules) 2815637 - ProApps TROJAN Win32/Agent.XOA Checkin (APT-C-23) (trojan.rules) 2821424 - ProApps TROJAN Win32/Daserf CnC Beacon 1 (trojan.rules) 2825239 - ProApps TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Apr 11 19:50:42 2017 [***] [+++] Added rules: 60 [+++] 2024197 - ProApps CURRENT_EVENTS SUSPICIOUS MSXMLHTTP DL of HTA (Observed in RTF 0-day ) (current_events.rules) 2024198 - ProApps CURRENT_EVENTS EITest SocENG Payload DL (current_events.rules) 2024199 - ProApps CURRENT_EVENTS EITest SocENG Inject M2 (current_events.rules) 2024200 - ProApps CURRENT_EVENTS EITest SocENG Inject M3 (current_events.rules) 2024201 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Ewind.cd Checkin (mobile_malware.rules) 2024202 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Ewind.cd Response (mobile_malware.rules) 2825844 - ProApps MOBILE_MALWARE Android/Agent.ST Checkin (mobile_malware.rules) 2825845 - ProApps MOBILE_MALWARE Android/Spy.SmsSpy.IT CnC Beacon (mobile_malware.rules) 2825846 - ProApps MOBILE_MALWARE Android/Spy.SmsSpy.IT CnC Beacon 2 (mobile_malware.rules) 2825847 - ProApps MOBILE_MALWARE Android/Spy.SmsSpy.IT CnC Beacon 3 (mobile_malware.rules) 2825848 - ProApps EXPLOIT Windows Graphics Elevation of Privilege Vulnerability Inbound (CVE-2017-0155) (exploit.rules) 2825849 - ProApps WEB_CLIENT Possible IE UAF (CVE-2017-0158) (web_client.rules) 2825850 - ProApps EXPLOIT Windows Kernel Information Disclosure Vulnerability Inbound (CVE-2017-0167) (exploit.rules) 2825851 - ProApps EXPLOIT Win32k Elevation of Privilege Vulnerability Inbound (CVE-2017-0189) (exploit.rules) 2825852 - ProApps EXPLOIT Possible Microsoft Office 2007 DLL Sideloading (CVE-2017-0197) (exploit.rules) 2825853 - ProApps EXPLOIT Microsoft Outlook Remote Code Execution Vulnerability Inbound (CVE-2017-0199) (exploit.rules) 2825854 - ProApps WEB_CLIENT Possible Microsoft Edge Type Confusion (CVE-2017-0200) (web_client.rules) 2825855 - ProApps EXPLOIT Internet Explorer Memory Corruption Vulnerability (CVE-2017-0202) (exploit.rules) 2825856 - ProApps WEB_CLIENT Possible Edge Render Format Type Confusion (CVE-2017-0205) (web_client.rules) 2825857 - ProApps WEB_CLIENT Possible Windows Scripting Engine Information Disclosure Vulnerability (CVE-2017-0208) (web_client.rules) 2825858 - ProApps WEB_CLIENT Internet Explorer EOP Vulnerability (CVE-2017-0210) (web_client.rules) 2825859 - ProApps WEB_CLIENT Possible Adobe Reader CVE-2017-3014 Use After Free (web_client.rules) 2825860 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3017 (web_client.rules) 2825861 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3019 (web_client.rules) 2825862 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3020 (web_client.rules) 2825863 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3022 (web_client.rules) 2825864 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3024 (web_client.rules) 2825865 - ProApps WEB_CLIENT Possible Adobe Reader Use After Free CVE-2017-3027 (web_client.rules) 2825866 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3023 (web_client.rules) 2825867 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3029 (web_client.rules) 2825868 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3030 (web_client.rules) 2825869 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3032 (web_client.rules) 2825870 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3033 (web_client.rules) 2825871 - ProApps WEB_CLIENT Possible Adobe Reader Integer Overflow CVE-2017-3034 (web_client.rules) 2825872 - ProApps WEB_CLIENT Possible Adobe Reader Integer Overflow CVE-2017-3035 (web_client.rules) 2825873 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3039 (web_client.rules) 2825874 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3044 (web_client.rules) 2825875 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3045 (web_client.rules) 2825876 - ProApps WEB_CLIENT Possible Adobe Reader Information Disclosure CVE-2017-3046 (web_client.rules) 2825877 - ProApps WEB_CLIENT Adobe Reader Use After Free CVE-2017-3047 (web_client.rules) 2825878 - ProApps WEB_CLIENT Possible Adobe Reader TIFF Heap Overflow (CVE-2017-3048) (web_client.rules) 2825879 - ProApps WEB_CLIENT Possible Adobe Reader TIFF Heap Overflow (CVE-2017-3049) (web_client.rules) 2825880 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption CVE-2017-3056 (web_client.rules) 2825881 - ProApps WEB_CLIENT Adobe Reader Use After Free CVE-2017-3057 (web_client.rules) 2825882 - ProApps CURRENT_EVENTS Successful Email Shutdown/Verification Phish Apr 11 2017 (current_events.rules) 2825883 - ProApps TROJAN Malicious SSL Certificate Observed (Blue Lambert Implant) (trojan.rules) 2825884 - ProApps CURRENT_EVENTS Successful Office 365 Phish M1 Apr 11 2017 (current_events.rules) 2825885 - ProApps CURRENT_EVENTS Successful Office 365 Phish M2 Apr 11 2017 (current_events.rules) 2825886 - ProApps CURRENT_EVENTS Successful Credit Agricole Bank (FR) Phish Apr 11 2017 (current_events.rules) 2825887 - ProApps MOBILE_MALWARE Android/Styricka.A CnC Beacon 2 (mobile_malware.rules) 2825888 - ProApps CURRENT_EVENTS Successful American Express Phish Apr 11 2017 (current_events.rules) 2825889 - ProApps CURRENT_EVENTS Successful Chase Phish Apr 11 2017 (current_events.rules) 2825890 - ProApps CURRENT_EVENTS Successful Santander Phish Apr 11 2017 (current_events.rules) 2825891 - ProApps CURRENT_EVENTS Successful ZIX Message Center Phish Apr 11 2017 (current_events.rules) 2825892 - ProApps TROJAN Unknown MalDoc VBS Downloader Requesting Payload (trojan.rules) 2825893 - ProApps TROJAN BlueNoroff/Lazarus Variant CnC Beacon (trojan.rules) 2825894 - ProApps CURRENT_EVENTS Successful UBS Phish M1 Mar 13 2017 (current_events.rules) 2825895 - ProApps CURRENT_EVENTS Successful UBS Phish M2 Mar 13 2017 (current_events.rules) 2825896 - ProApps CURRENT_EVENTS Possible Magnitude EK Apr 04 2017 (current_events.rules) 2825897 - ProApps CURRENT_EVENTS Possible Magnitude EK First Stage Landing Apr 04 2017 (current_events.rules) [+++] Modify rules: 107 [+++] 2013091 - ProApps TROJAN Backdoor.Win32.DarkComet Keepalive Inbound (trojan.rules) 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2022836 - ProApps TROJAN PowerShell/Agent.A DNS Checkin (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2815637 - ProApps TROJAN Win32/Agent.XOA Checkin (APT-C-23) (trojan.rules) 2825769 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 (current_events.rules) 2825831 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Apr 10 17:21:32 2017 [***] [+++] Added rules: 18 [+++] 2024192 - ProApps EXPLOIT Possible RTF 0-day HTA (exploit.rules) 2024193 - ProApps EXPLOIT Possible RTF 0-day HTA M2 (exploit.rules) 2024194 - ProApps EXPLOIT Cisco Catalyst Remote Code Execution (CVE-2017-3881) (exploit.rules) 2024195 - ProApps WEB_CLIENT HTA File Download Flowbit Set (web_client.rules) 2024196 - ProApps WEB_CLIENT HTA File containing Wscript.Shell Call - Potential Office Exploit Attempt (web_client.rules) 2825831 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 (current_events.rules) 2825832 - ProApps MALWARE PUP Adware/Kraddare HTTP Request (malware.rules) 2825833 - ProApps TROJAN Possible Win32/PSWTool.WebBrowserPassView.B Download From Free Hosting Service (trojan.rules) 2825834 - ProApps MOBILE_MALWARE Android/SMForw.AC SMS Exfil (mobile_malware.rules) 2825835 - ProApps MOBILE_MALWARE Android/Styricka.A CnC Beacon (mobile_malware.rules) 2825836 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup (mobile_malware.rules) 2825837 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 2 (mobile_malware.rules) 2825838 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 3 (mobile_malware.rules) 2825839 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 4 (mobile_malware.rules) 2825840 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 5 (mobile_malware.rules) 2825841 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 6 (mobile_malware.rules) 2825842 - ProApps MOBILE_MALWARE Android/Koler.AS DNS Lookup 7 (mobile_malware.rules) 2825843 - ProApps MOBILE_MALWARE Android/SMForw.RI CnC Beacon (mobile_malware.rules) [+++] Modify rules: 139 [+++] 2011341 - ProApps TROJAN Suspicious POST With Reference to WINDOWS Folder Possible Malware Infection (trojan.rules) 2017627 - ProApps TROJAN W32/Kegotip CnC Beacon (trojan.rules) 2023583 - ProApps TROJAN Known Malicious Doc Downloading Payload Dec 06 2016 (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825826 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (trojan.rules) [+++] Removed rules: 0 [+++] Read more » | |
|
Apr 10 |
ProApps Security IDS Rules Changelog 2017-04-10
Postado por Rafael Honorato on 10/Apr 15:50
|
[***] Summary 2017-04-10 [***] Total added rules: 309 Total modified rules: 1402 Total removed rules: 10 [***] ProApps Security IDS Rules Changelog started Fri Apr 7 16:56:36 2017 [***] [+++] Added rules: 15 [+++] 2024183 - ProApps TROJAN Possible Turla Carbon Paper CnC Beacon (Fake User-Agent) (trojan.rules) 2024184 - ProApps CURRENT_EVENTS Successful HM Revenue & Customs Phish M1 Apr 07 2017 (current_events.rules) 2024185 - ProApps CURRENT_EVENTS Successful HM Revenue & Customs Phish M2 Apr 07 2017 (current_events.rules) 2024186 - ProApps CURRENT_EVENTS Successful Santander Phish M1 Apr 07 2017 (current_events.rules) 2024187 - ProApps CURRENT_EVENTS Successful Santander Phish M2 Apr 07 2017 (current_events.rules) 2024188 - ProApps CURRENT_EVENTS Successful Santander Phish M3 Apr 07 2017 (current_events.rules) 2024189 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024190 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024191 - ProApps EXPLOIT TP-Link Archer C2 and Archer C20i Remote Code Execution (exploit.rules) 2825825 - ProApps CURRENT_EVENTS Successful Generic Phish - JS History.Go Redirect Apr 07 2017 (current_events.rules) 2825826 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (trojan.rules) 2825827 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-07 1) (trojan.rules) 2825828 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-07 2) (trojan.rules) 2825829 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-07 3) (trojan.rules) 2825830 - ProApps TROJAN DNS Query to Cerber Domain (1a7wnt . top) (trojan.rules) [+++] Modify rules: 103 [+++] 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825705 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-03 1) (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Apr 6 17:04:59 2017 [***] [+++] Added rules: 26 [+++] 2024182 - ProApps TROJAN MSIL/NR42 Bot Parsing Config From Webpage (trojan.rules) 2825800 - ProApps TROJAN DNS Query to Cerber Domain (1aajb7 . top) (trojan.rules) 2825801 - ProApps TROJAN DNS Query to Cerber Domain (1gunao . top) (trojan.rules) 2825802 - ProApps TROJAN DNS Query to Cerber Domain (1nm62r . top) (trojan.rules) 2825803 - ProApps TROJAN DNS Query to Cerber Domain (1gu5um . top) (trojan.rules) 2825804 - ProApps TROJAN DNS Query to Cerber Domain (1grvue . top) (trojan.rules) 2825805 - ProApps TROJAN DNS Query to Cerber Domain (142djp . top) (trojan.rules) 2825806 - ProApps TROJAN DNS Query to Cerber Domain (1bcxcs . top) (trojan.rules) 2825807 - ProApps TROJAN DNS Query to Cerber Domain (1czh7o . top) (trojan.rules) 2825808 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 21 (mobile_malware.rules) 2825809 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 22 (mobile_malware.rules) 2825810 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 23 (mobile_malware.rules) 2825811 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 24 (mobile_malware.rules) 2825812 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 25 (mobile_malware.rules) 2825813 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 26 (mobile_malware.rules) 2825814 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 27 (mobile_malware.rules) 2825815 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 28 (mobile_malware.rules) 2825816 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 29 (mobile_malware.rules) 2825817 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 30 (mobile_malware.rules) 2825818 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 31 (mobile_malware.rules) 2825819 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 32 (mobile_malware.rules) 2825820 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 33 (mobile_malware.rules) 2825821 - ProApps TROJAN Targeted MICROPSIA SSL Cert (trojan.rules) 2825822 - ProApps TROJAN Targeted MICROPSIA SSL Cert (trojan.rules) 2825823 - ProApps TROJAN MICROPSIA Retrieving CnC Location (trojan.rules) 2825824 - ProApps TROJAN MICROPSIA Fake Headers and UA (trojan.rules) [+++] Modify rules: 115 [+++] 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2008233 - ProApps TROJAN Common Downloader Install Report URL (farfly checkin) (trojan.rules) 2013315 - ProApps TROJAN Suspicious User-Agent (Agent and 5 or 6 digits) (trojan.rules) 2022985 - ProApps TROJAN Trojan Generic - POST To gate.php with no accept headers (trojan.rules) 2023998 - ProApps TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825132 - ProApps TROJAN Win32/TinyNuke CnC Checkin (trojan.rules) 2825302 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825303 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825304 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825306 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825619 - ProApps TROJAN Fatboy Python Ransomware CnC Checkin (trojan.rules) 2825620 - ProApps TROJAN Fatboy Python Ransomware CnC Activity (trojan.rules) 2825625 - ProApps TROJAN Fatboy Python Ransomware CnC Activity M2 (trojan.rules) 2825758 - ProApps TROJAN MSIL/GX40 Ransomware CnC Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Apr 5 17:20:20 2017 [***] [+++] Added rules: 32 [+++] 2024181 - ProApps EXPLOIT D-LINK DIR-615 Cross-Site Request Forgery (CVE-2017-7398) (exploit.rules) 2825769 - ProApps CURRENT_EVENTS RIG EK Landing Apr 04 2017 (current_events.rules) 2825770 - ProApps CURRENT_EVENTS Possible Magnitude EK Apr 04 2017 (current_events.rules) 2825771 - ProApps CURRENT_EVENTS Successful Capital One Phish Apr 05 2017 (current_events.rules) 2825772 - ProApps CURRENT_EVENTS Successful ING Phish (NL) Apr 05 2017 (current_events.rules) 2825773 - ProApps CURRENT_EVENTS Successful Chase Phish Apr 05 2017 (current_events.rules) 2825774 - ProApps TROJAN MSIL/Filecoder.AK Ransomware CnC Checkin (trojan.rules) 2825775 - ProApps TROJAN APT28 Uploader SSL Cert (trojan.rules) 2825776 - ProApps MALWARE APNInstaller PUP/Adware HTTP POST Request (malware.rules) 2825777 - ProApps TROJAN Torrentlocker Ransom Page HTTP Request (trojan.rules) 2825778 - ProApps TROJAN DNS Query to Cerber Domain (1mvku2 . top) (trojan.rules) 2825779 - ProApps TROJAN DNS Query to Cerber Domain (1qk2un . top) (trojan.rules) 2825780 - ProApps TROJAN DNS Query to Cerber Domain (1gswwp . top) (trojan.rules) 2825781 - ProApps TROJAN DNS Query to Cerber Domain (13eymq . top) (trojan.rules) 2825782 - ProApps TROJAN DNS Query to Cerber Domain (1aamtz . top) (trojan.rules) 2825783 - ProApps TROJAN DNS Query to Cerber Domain (1mswjm . top) (trojan.rules) 2825784 - ProApps TROJAN DNS Query to Cerber Domain (1fy93v . top) (trojan.rules) 2825785 - ProApps TROJAN DNS Query to Cerber Domain (14klmz . top) (trojan.rules) 2825786 - ProApps TROJAN DNS Query to Cerber Domain (1xynaz . top) (trojan.rules) 2825787 - ProApps TROJAN DNS Query to Cerber Domain (1ppto6 . top) (trojan.rules) 2825788 - ProApps TROJAN APT28 Unknown DNS Lookup (trojan.rules) 2825789 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC CnC Beacon (mobile_malware.rules) 2825790 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC CnC Beacon 2 (mobile_malware.rules) 2825791 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC Contacts Exfil (mobile_malware.rules) 2825792 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC SMS Exfil (mobile_malware.rules) 2825793 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC Info Exfil (mobile_malware.rules) 2825794 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC CnC Beacon 3 (mobile_malware.rules) 2825795 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC Login Exfil (mobile_malware.rules) 2825796 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC Domain Request in SNI via SSL (mobile_malware.rules) 2825797 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IC Login Exfil 2 (mobile_malware.rules) 2825798 - ProApps TROJAN KASPERAGENT CnC Request (trojan.rules) 2825799 - ProApps TROJAN Targeted/Possible APT ScanBox DNS Lookup (trojan.rules) [+++] Modify rules: 114 [+++] 2012981 - ProApps TROJAN Possible FakeAV Binary Download (Security) (trojan.rules) 2022985 - ProApps TROJAN Trojan Generic - POST To gate.php with no accept headers (trojan.rules) 2023998 - ProApps TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2024175 - ProApps TROJAN Red Leaves HTTP CnC Beacon (APT10 implant) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825132 - ProApps TROJAN Win32/TinyNuke CnC Checkin (trojan.rules) 2825302 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825303 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825304 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825306 - ProApps TROJAN TorrentLocker C2 Domain (trojan.rules) 2825619 - ProApps TROJAN Fatboy Python Ransomware CnC Checkin (trojan.rules) 2825620 - ProApps TROJAN Fatboy Python Ransomware CnC Activity (trojan.rules) 2825625 - ProApps TROJAN Fatboy Python Ransomware CnC Activity M2 (trojan.rules) 2825758 - ProApps TROJAN MSIL/GX40 Ransomware CnC Checkin (trojan.rules) [+++] Removed rules: 1 [+++] 2825627 - ProApps TROJAN Undefined Python Ransomware CnC Activity (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Apr 4 18:06:49 2017 [***] [+++] Added rules: 6 [+++] 2024167 - ProApps CURRENT_EVENTS Successful Mail.ru Phish Apr 04 2017 (current_events.rules) 2024168 - ProApps CURRENT_EVENTS Terror EK CVE-2016-0189 Exploit (current_events.rules) 2024169 - ProApps CURRENT_EVENTS Terror EK CVE-2016-0189 Exploit M2 (current_events.rules) 2024170 - ProApps CURRENT_EVENTS Terror EK CVE-2015-2419 Exploit (current_events.rules) 2024171 - ProApps MOBILE_MALWARE Android Trojan Pegasus CnC Beacon (mobile_malware.rules) 2024172 - ProApps MOBILE_MALWARE Android Trojan Pegasus CnC Beacon M2 (mobile_malware.rules) [+++] Modify rules: 103 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2820316 - ProApps TROJAN EDA2 Gen Ransomware CnC Create Key (trojan.rules) 2823570 - ProApps TROJAN W32.Geodo/Emotet Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Apr 3 18:04:12 2017 [***] [+++] Added rules: 30 [+++] 2010908 - ProApps INFO Mozilla User-Agent (Mozilla/5.0) Inbound Likely Fake (info.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2825699 - ProApps TROJAN CrimeScene/GhostAdmin/KeyTrap CnC Checkin (trojan.rules) 2825700 - ProApps TROJAN CrimeScene/GhostAdmin/KeyTrap Sending Screenshot via HTTP (trojan.rules) 2825701 - ProApps CURRENT_EVENTS Adobe Nested Data URI Phishing Landing Apr 3 2017 (current_events.rules) 2825702 - ProApps CURRENT_EVENTS Successful Adobe Phish Apr 3 2017 (current_events.rules) 2825703 - ProApps TROJAN Bladabindi/njRat Variant CnC Checkin (trojan.rules) 2825704 - ProApps MOBILE_MALWARE Android/Spy.SmsSpy.IT Checkin (mobile_malware.rules) 2825705 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-03 1) (trojan.rules) 2825706 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-04-03 2) (trojan.rules) 2825707 - ProApps TROJAN Win32/Unknown.CN RAT Checkin (trojan.rules) 2825708 - ProApps TROJAN DNS Query to Cerber Domain (18nepv . top) (trojan.rules) 2825709 - ProApps TROJAN DNS Query to Cerber Domain (1cdqfv . top) (trojan.rules) 2825710 - ProApps TROJAN DNS Query to Cerber Domain (1a2xx3 . top) (trojan.rules) 2825711 - ProApps TROJAN DNS Query to Cerber Domain (1gzjuc . top) (trojan.rules) 2825712 - ProApps TROJAN DNS Query to Cerber Domain (1eeyaj . top) (trojan.rules) 2825713 - ProApps TROJAN DNS Query to Cerber Domain (1accfa . top) (trojan.rules) 2825714 - ProApps TROJAN DNS Query to Cerber Domain (13kn4l . top) (trojan.rules) 2825715 - ProApps TROJAN DNS Query to Cerber Domain (17yo2b . top) (trojan.rules) 2825716 - ProApps TROJAN DNS Query to Cerber Domain (1qjl23 . top) (trojan.rules) 2825717 - ProApps TROJAN DNS Query to Cerber Domain (14dr1s . top) (trojan.rules) 2825718 - ProApps TROJAN W32/Unknown Dropper Checkin (trojan.rules) 2825719 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 2 (mobile_malware.rules) 2825720 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 3 (mobile_malware.rules) 2825721 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 4 (mobile_malware.rules) 2825722 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 5 (mobile_malware.rules) 2825723 - ProApps TROJAN MSIL/Impice.A CnC Checkin (trojan.rules) 2825724 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 6 (mobile_malware.rules) 2825725 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 7 (mobile_malware.rules) 2825726 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 8 (mobile_malware.rules) [+++] Modify rules: 137 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2808199 - ProApps MOBILE_MALWARE Android.Trojan.FakeInst.DZ Checkin (mobile_malware.rules) 2808271 - ProApps TROJAN BackDoor.Yebot Checkin (trojan.rules) 2825567 - ProApps TROJAN Possible Panda Banker DGA Lets Encrypt SSL Cert (trojan.rules) [+++] Removed rules: 1 [+++] 2010908 - ProApps MALWARE Mozilla User-Agent (Mozilla/5.0) Inbound Likely Fake (malware.rules) [***] ProApps Security IDS Rules Changelog started Fri Mar 31 17:28:50 2017 [***] [+++] Added rules: 51 [+++] 2024123 - ProApps MOBILE_MALWARE Android.C2P.Qd!c Ransomware CnC Beacon (mobile_malware.rules) 2024124 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M1 (current_events.rules) 2024125 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M2 (current_events.rules) 2024126 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M3 (current_events.rules) 2024127 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M4 (current_events.rules) 2024128 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M5 (current_events.rules) 2024129 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M6 (current_events.rules) 2024130 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M7 (current_events.rules) 2024131 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M8 (current_events.rules) 2024132 - ProApps CURRENT_EVENTS Lets Encrypt Free SSL Cert Observed in Tech Support Scams M9 (current_events.rules) 2024133 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M1 (current_events.rules) 2024134 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M2 (current_events.rules) 2024135 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M3 (current_events.rules) 2024136 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M4 (current_events.rules) 2024137 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M5 (current_events.rules) 2024138 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M6 (current_events.rules) 2024139 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M7 (current_events.rules) 2024140 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M8 (current_events.rules) 2024141 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M9 (current_events.rules) 2024142 - ProApps CURRENT_EVENTS Suspicious Decimal IP Redirect - Observed in RIG EK Redirects M10 (current_events.rules) 2024143 - ProApps TROJAN Possible CopyKitten DNS Lookup (1e100 .tech) (trojan.rules) 2024144 - ProApps TROJAN Possible CopyKitten DNS Lookup (1m100 .tech) (trojan.rules) 2024145 - ProApps TROJAN Possible CopyKitten DNS Lookup (ads-youtube .online) (trojan.rules) 2024146 - ProApps TROJAN Possible CopyKitten DNS Lookup (akamaitechnology .com) (trojan.rules) 2024147 - ProApps TROJAN Possible CopyKitten DNS Lookup (alkamaihd .net) (trojan.rules) 2024148 - ProApps TROJAN Possible CopyKitten DNS Lookup (azurewebsites .tech) (trojan.rules) 2024149 - ProApps TROJAN Possible CopyKitten DNS Lookup (broadcast-microsoft .tech) (trojan.rules) 2024150 - ProApps TROJAN Possible CopyKitten DNS Lookup (chromeupdates .online) (trojan.rules) 2024151 - ProApps TROJAN Possible CopyKitten DNS Lookup (cloudmicrosoft .net) (trojan.rules) 2024152 - ProApps TROJAN Possible CopyKitten DNS Lookup (dnsserv .host) (trojan.rules) 2024153 - ProApps TROJAN Possible CopyKitten DNS Lookup (elasticbeanstalk .tech) (trojan.rules) 2024154 - ProApps TROJAN Possible CopyKitten DNS Lookup (fdgdsg .xyz) (trojan.rules) 2024155 - ProApps TROJAN Possible CopyKitten DNS Lookup (jguery .net) (trojan.rules) 2024156 - ProApps TROJAN Possible CopyKitten DNS Lookup (jguery .online) (trojan.rules) 2024157 - ProApps TROJAN Possible CopyKitten DNS Lookup (microsoft-ds .com) (trojan.rules) 2024158 - ProApps TROJAN Possible CopyKitten DNS Lookup (microsoft-security .host) (trojan.rules) 2024159 - ProApps TROJAN Possible CopyKitten DNS Lookup (nameserver .win) (trojan.rules) 2024160 - ProApps TROJAN Possible CopyKitten DNS Lookup (newsfeeds-microsoft .press) (trojan.rules) 2024161 - ProApps TROJAN Possible CopyKitten DNS Lookup (owa-microsoft .online) (trojan.rules) 2024162 - ProApps TROJAN Possible CopyKitten DNS Lookup (primeminister-goverment-techcenter .tech) (trojan.rules) 2024163 - ProApps TROJAN Possible CopyKitten DNS Lookup (qoldenlines .net) (trojan.rules) 2024164 - ProApps TROJAN Possible CopyKitten DNS Lookup (sharepoint-microsoft .co) (trojan.rules) 2024165 - ProApps TROJAN Possible CopyKitten DNS Lookup (ssl-gstatic .online) (trojan.rules) 2024166 - ProApps TROJAN Possible CopyKitten DNS Lookup (trendmicro .tech) (trojan.rules) 2825692 - ProApps CURRENT_EVENTS Successful Tmobile (DE) Phish Mar 31 2017 (current_events.rules) 2825693 - ProApps CURRENT_EVENTS Successful Paypal Phish (IT) Mar 31 2017 (current_events.rules) 2825694 - ProApps CURRENT_EVENTS Successful Office 365 Phish Mar 31 2017 (current_events.rules) 2825695 - ProApps CURRENT_EVENTS Successful Blizzard Phish Mar 31 2017 (current_events.rules) 2825696 - ProApps TROJAN W32/Unknown Coinminer Module DL (trojan.rules) 2825697 - ProApps CURRENT_EVENTS Successful Caf.fr Phish Mar 31 2017 (current_events.rules) 2825698 - ProApps TROJAN MSIL/Downloader Downloading NetwireRAT (trojan.rules) [+++] Modify rules: 5 [+++] 2024121 - ProApps EXPLOIT NETGEAR WNR2000v5 hidden_lang_avi Stack Overflow (CVE-2016-10174) (exploit.rules) 2807086 - ProApps MOBILE_MALWARE Backdoor.AndroidOS.Obad.a Checkin 2 (mobile_malware.rules) 2808271 - ProApps TROJAN BackDoor.Yebot Checkin (trojan.rules) 2820838 - ProApps MOBILE_MALWARE ANDROIDOS_ROOTNIK.CBTCT / Godless Checkin (mobile_malware.rules) 2825618 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 3 (mobile_malware.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Mar 31 11:01:06 2017 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 101 [+++] 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2825675 - ProApps TROJAN Win32/HappyDayzz Ransomware CnC Checkin (trojan.rules) [+++] Removed rules: 1 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) [***] ProApps Security IDS Rules Changelog started Thu Mar 30 17:03:35 2017 [***] [+++] Added rules: 19 [+++] 2024120 - ProApps TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules) 2024121 - ProApps EXPLOIT NETGEAR WNR2000v5 hidden_lang_avi Stack Overflow (CVE-2016-10174) (exploit.rules) 2024122 - ProApps CURRENT_EVENTS MalDoc Retrieving Payload March 30 2017 (current_events.rules) 2825676 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar DNS Lookup (mobile_malware.rules) 2825677 - ProApps MALWARE Win32/Adware.Ymeta.A CnC Beacon (malware.rules) 2825678 - ProApps MOBILE_MALWARE PUP Android/Agent-AZS Checkin (mobile_malware.rules) 2825679 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.k CnC Beacon (mobile_malware.rules) 2825680 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) 2825681 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) 2825682 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) 2825683 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gd SMS Exfil via SMTP (mobile_malware.rules) 2825684 - ProApps CURRENT_EVENTS Successful Claro Phish Mar 30 2017 (current_events.rules) 2825685 - ProApps CURRENT_EVENTS Successful Google Drive Phish Mar 30 2017 (current_events.rules) 2825686 - ProApps CURRENT_EVENTS Successful Made in China Phish Mar 30 2017 (current_events.rules) 2825687 - ProApps CURRENT_EVENTS Successful iCloud Phish Mar 30 2017 (current_events.rules) 2825688 - ProApps CURRENT_EVENTS Successful Outlook Web Access Phish Mar 30 2017 (current_events.rules) 2825689 - ProApps CURRENT_EVENTS Successful USBank Phish Mar 30 2017 (current_events.rules) 2825690 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish Mar 30 2017 (current_events.rules) 2825691 - ProApps CURRENT_EVENTS Successful Navy Federal Phish Mar 30 2017 (current_events.rules) [+++] Modify rules: 102 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2806829 - ProApps MOBILE_MALWARE Trojan-Downloader.AndroidOS.Fav.a Checkin (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2825125 - ProApps TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed Mar 29 18:26:46 2017 [***] [+++] Added rules: 32 [+++] 2020839 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (63ghdye17.com) (trojan.rules) 2020844 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (7hwr34n18.com) (trojan.rules) 2020869 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (wh47f2as19.com) (trojan.rules) 2024105 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (2kjb7.net) (trojan.rules) 2024108 - ProApps TROJAN KHRAT DragonOK DNS Lookup (inter-ctrip .com) (trojan.rules) 2024109 - ProApps CURRENT_EVENTS Possible Malicious Macro DL BIN March 2017 (current_events.rules) 2024110 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024111 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024112 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024113 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024114 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024115 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024116 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024117 - ProApps TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024118 - ProApps TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2024119 - ProApps TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2825660 - ProApps CURRENT_EVENTS Successful Bank of America Phish Mar 28 2017 (current_events.rules) 2825661 - ProApps CURRENT_EVENTS Successful Amazon Phish Mar 28 2017 (current_events.rules) 2825662 - ProApps CURRENT_EVENTS Successful DHL Phish Mar 28 2017 (current_events.rules) 2825663 - ProApps CURRENT_EVENTS Successful Amazon Phish Mar 29 2017 (current_events.rules) 2825664 - ProApps CURRENT_EVENTS Successful Facebook Phish Mar 28 2017 (current_events.rules) 2825665 - ProApps CURRENT_EVENTS Successful Yahoo Phish Mar 28 2017 (current_events.rules) 2825666 - ProApps CURRENT_EVENTS Successful Chase Phish Mar 28 2017 (current_events.rules) 2825667 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825668 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825669 - ProApps CURRENT_EVENTS Successful DHL Phish Mar 29 2017 (current_events.rules) 2825670 - ProApps TROJAN Possible Banker.Win32.Alreay SSL Cert (legit compromised) (trojan.rules) 2825671 - ProApps TROJAN W32/Unknown Checkin (trojan.rules) 2825672 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-29 1) (trojan.rules) 2825673 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-29 2) (trojan.rules) 2825674 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-29 3) (trojan.rules) 2825675 - ProApps TROJAN Win32/HappyDayzz Ransomware CnC Checkin (trojan.rules) [+++] Modify rules: 156 [+++] 2016868 - ProApps CURRENT_EVENTS Neutrino EK Plugin-Detect 2 May 20 2013 (current_events.rules) 2017587 - ProApps MOBILE_MALWARE Android/Opfake.A GetTask CnC Beacon (mobile_malware.rules) 2017594 - ProApps CURRENT_EVENTS Possible Neutrino EK Java Exploit Download Oct 15 2013 (current_events.rules) 2017595 - ProApps CURRENT_EVENTS Possible Neutrino EK Java Payload Download Oct 15 2013 (current_events.rules) 2017596 - ProApps CURRENT_EVENTS Neutrino EK XORed pluginDetect 1 (current_events.rules) 2017597 - ProApps CURRENT_EVENTS Neutrino EK XORed pluginDetect 2 (current_events.rules) 2017653 - ProApps CURRENT_EVENTS Possible Neutrino EK Java Exploit/Payload Download Nov 1 2013 (current_events.rules) 2017661 - ProApps CURRENT_EVENTS Possible Redirect to Neutrino EK goi.php Nov 4 2013 (current_events.rules) 2017824 - ProApps CURRENT_EVENTS Neutrino EK Landing Page Dec 09 2013 (current_events.rules) 2017963 - ProApps CURRENT_EVENTS Possible Neutrino/Fiesta EK SilverLight Exploit Jan 13 2014 DLL Naming Convention (current_events.rules) 2017971 - ProApps CURRENT_EVENTS Possible Neutrino EK IE/Silverlight Payload Download (current_events.rules) 2018226 - ProApps CURRENT_EVENTS Possible Neutrino/Fiesta EK SilverLight Exploit March 05 2014 DLL Naming Convention (current_events.rules) 2018580 - ProApps TROJAN Win32/Neutrino Checkin (trojan.rules) 2019211 - ProApps TROJAN Win32/Neutrino ping (trojan.rules) 2020093 - ProApps TROJAN Win32/Neutrino Cookie (trojan.rules) 2020094 - ProApps TROJAN Win32/Neutrino CC dump (trojan.rules) 2020779 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 78 (trojan.rules) 2020781 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 80 (trojan.rules) 2020783 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 82 (trojan.rules) 2020785 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 84 (trojan.rules) 2020791 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 90 (trojan.rules) 2020949 - ProApps TROJAN Win32/Neutrino Bot Fake 404 Checkin Response (trojan.rules) 2021128 - ProApps TROJAN Blue Bot DDoS Proxy Request (trojan.rules) 2021588 - ProApps CURRENT_EVENTS Job314/Neutrino EK Flash Exploit M2 Aug 02 2015 (current_events.rules) 2021589 - ProApps CURRENT_EVENTS Job314/Neutrino EK Flash Exploit M3 Aug 02 2015 (current_events.rules) 2021590 - ProApps CURRENT_EVENTS Job314/Neutrino EK Flash Exploit M1 Aug 02 2015 (IE) (current_events.rules) 2022462 - ProApps TROJAN Win32/Neutrino Checkin 2 (trojan.rules) 2022463 - ProApps TROJAN Win32/Neutrino Checkin 3 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2810822 - ProApps TROJAN Win32/Neutrino Checkin Response (trojan.rules) 2812645 - ProApps TROJAN Win32/Neutrino Checkin 1 (trojan.rules) 2812646 - ProApps TROJAN Win32/Neutrino Checkin 2 (trojan.rules) 2812647 - ProApps TROJAN Win32/Neutrino Failed Task (trojan.rules) 2812659 - ProApps TROJAN Possible Win32/Neutrino Checkin Response (trojan.rules) 2814472 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M1 (current_events.rules) 2814473 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M2 (current_events.rules) 2814474 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M3 (current_events.rules) 2814475 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M4 (current_events.rules) 2814476 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M5 (current_events.rules) 2814477 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M6 (current_events.rules) 2814570 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M1 (current_events.rules) 2814571 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M2 (current_events.rules) 2814572 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M3 (current_events.rules) 2814573 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M4 (current_events.rules) 2814574 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M5 (current_events.rules) 2814575 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M6 (current_events.rules) 2814604 - ProApps MALWARE Win32/Dorv.A/Expiro CnC Beacon (malware.rules) 2814950 - ProApps CURRENT_EVENTS Likely Neutrino EK Payload Oct 20 2015 M7 (current_events.rules) 2815413 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M8 Landing URI Struct (current_events.rules) 2815414 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M9 Landing URI Struct (current_events.rules) 2815415 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 10 Landing URI Struct (current_events.rules) 2815664 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Oct 20 2015 M11 Landing URI Struct (current_events.rules) 2820851 - ProApps CURRENT_EVENTS Possible Neutrino EK Landing Landing URI Struct (fb set) (current_events.rules) 2821023 - ProApps TROJAN Win32/Neutrino Bot Malicious SSL Certificate Detected (trojan.rules) 2825239 - ProApps TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules) 2825650 - ProApps TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain (trojan.rules) [+++] Removed rules: 4 [+++] 2020839 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (63ghdye17.com) (policy.rules) 2020844 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (7hwr34n18.com) (policy.rules) 2020869 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (wh47f2as19.com) (policy.rules) 2024105 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (2kjb7.net) (policy.rules) [***] ProApps Security IDS Rules Changelog started Tue Mar 28 17:05:05 2017 [***] [+++] Added rules: 34 [+++] 2024105 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (2kjb7.net) (policy.rules) 2024106 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (7tno4hib47vlep5o) (trojan.rules) 2024107 - ProApps WEB_SERVER Microsoft IIS Remote Code Execution (CVE-2017-7269) (web_server.rules) 2825629 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Mar 27 2017 (current_events.rules) 2825630 - ProApps CURRENT_EVENTS RBC Royal Bank Phishing Landing Mar 27 2017 (current_events.rules) 2825631 - ProApps TROJAN HAKOPS Keylogger SMTP Infection Report (trojan.rules) 2825632 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Mar 27 2017 (current_events.rules) 2825633 - ProApps MOBILE_MALWARE PUP Android/Cooee.B Checkin (mobile_malware.rules) 2825634 - ProApps MOBILE_MALWARE PUP Android/Cooee.B Checkin 2 (mobile_malware.rules) 2825635 - ProApps MOBILE_MALWARE Android.Trojan.Fotemain.B CnC Beacon (mobile_malware.rules) 2825636 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.g SMS Exfil (mobile_malware.rules) 2825637 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2825638 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2825639 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825640 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2825641 - ProApps MOBILE_MALWARE Android/SmForw.J CnC Beacon (mobile_malware.rules) 2825642 - ProApps MOBILE_MALWARE Android/SmForw.J Contact Exfil (mobile_malware.rules) 2825643 - ProApps MOBILE_MALWARE Android.Riskware.SMSSend.B Checkin (mobile_malware.rules) 2825644 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Mar 28 2017 (current_events.rules) 2825645 - ProApps CURRENT_EVENTS Adobe Shared Document Phishing Landing Mar 28 2017 (current_events.rules) 2825646 - ProApps TROJAN Theresa Ransomware Initial CnC Checkin (trojan.rules) 2825647 - ProApps TROJAN Theresa Ransomware Initial CnC Checkin Response (trojan.rules) 2825648 - ProApps TROJAN Theresa Ransomware CnC File Encryption Status (trojan.rules) 2825649 - ProApps POLICY DNS Query to .onion proxy Domain (onion.fi) (policy.rules) 2825650 - ProApps TROJAN Win32/Filecoder Ransomware Variant .onion Proxy Domain - Clone (trojan.rules) 2825651 - ProApps TROJAN Win32/Remcos RAT Checkin 3 (trojan.rules) 2825652 - ProApps POLICY External IP Lookup ipapi.co (policy.rules) 2825653 - ProApps POLICY External IP Lookup ipof.in (policy.rules) 2825654 - ProApps TROJAN MSIL/Unknown CnC Checkin via MSSQL 1 (trojan.rules) 2825655 - ProApps TROJAN MSIL/Unknown CnC Checkin via MSSQL 2 (trojan.rules) 2825656 - ProApps TROJAN W32.Gotrat.de Checkin 2 (trojan.rules) 2825657 - ProApps TROJAN W32.Gotrat.de Checkin (trojan.rules) 2825658 - ProApps TROJAN Unknown KeyLogger CnC Checkin (trojan.rules) 2825659 - ProApps TROJAN Unknown KeyLogger CnC Checkin (trojan.rules) [+++] Modify rules: 113 [+++] 2001891 - ProApps USER_AGENTS Suspicious User Agent (agent) (user_agents.rules) 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2018876 - ProApps POLICY DNS Query to .onion proxy Domain (onion.cab) (policy.rules) 2020839 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (63ghdye17.com) (policy.rules) 2020844 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (7hwr34n18.com) (policy.rules) 2020869 - ProApps POLICY Win32/Teslacrypt Ransomware .onion domain (wh47f2as19.com) (policy.rules) 2021293 - ProApps CURRENT_EVENTS KaiXin Secondary Landing Page (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2807390 - ProApps TROJAN Trojan.Dimnie Checkin 2 (trojan.rules) 2807391 - ProApps TROJAN Trojan.Dimnie Checkin (trojan.rules) 2824134 - ProApps CURRENT_EVENTS Successful Generic Phish (Meta HTTP-Equiv Refresh) Dec 29 2016 (current_events.rules) 2825226 - ProApps TROJAN Helminth/Oilrig CnC Beacon 2 (trojan.rules) [+++] Removed rules: 2 [+++] 2809702 - ProApps TROJAN Win32/Teslacrypt Ransomware .onion domain (7tno4hib47vlep5o) (trojan.rules) 2809867 - ProApps POLICY DNS Query to .onion proxy Domain (2kjb7.net) (policy.rules) [***] ProApps Security IDS Rules Changelog started Mon Mar 27 18:22:36 2017 [***] [+++] Added rules: 26 [+++] 2024101 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Mar 27 2017 (current_events.rules) 2024102 - ProApps CURRENT_EVENTS Successful Tangerine Bank Phish M1 Mar 27 2017 (current_events.rules) 2024103 - ProApps CURRENT_EVENTS Successful Tangerine Bank Phish M2 Mar 27 2017 (current_events.rules) 2024104 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup - Clone (trojan.rules) 2825607 - ProApps CURRENT_EVENTS Astrum EK Infoleak Prefilter Mar 25 2017 (current_events.rules) 2825608 - ProApps CURRENT_EVENTS Astrum EK Infoleak Prefilter M2 25 2017 (current_events.rules) 2825609 - ProApps TROJAN Possible Apple Phishing SNI (trojan.rules) 2825610 - ProApps TROJAN Lets Encrypt Free SSL Cert Observed in Possible Apple Phishing (trojan.rules) 2825611 - ProApps CURRENT_EVENTS Adobe Online Document Phishing Landing Mar 25 M1 (current_events.rules) 2825612 - ProApps MALWARE Win32/Adware.Kraddare.MB Dropping PUP (malware.rules) 2825613 - ProApps TROJAN MSIL/Unk.PWS Reporting Infection via SMTP (trojan.rules) 2825614 - ProApps CURRENT_EVENTS Successful Apple Phish Mar 27 2017 (current_events.rules) 2825615 - ProApps TROJAN DNS Query to TorrentLocker Domain (flackbon . tw) (trojan.rules) 2825616 - ProApps MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.ay CnC Beacon (mobile_malware.rules) 2825617 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 2 (mobile_malware.rules) 2825618 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 3 (mobile_malware.rules) 2825619 - ProApps TROJAN Undefined Python Ransomware CnC Checkin (trojan.rules) 2825620 - ProApps TROJAN Undefined Python Ransomware CnC Activity (trojan.rules) 2825621 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.bz Checkin (mobile_malware.rules) 2825622 - ProApps WEB_SERVER JexBoss Common URI struct Observed 3 (INBOUND) (web_server.rules) 2825623 - ProApps WEB_SERVER JexBoss Common URI struct Observed 4 (INBOUND) (web_server.rules) 2825624 - ProApps WEB_SERVER Successful WebShell Access (web_server.rules) 2825625 - ProApps TROJAN Undefined Python Ransomware CnC Activity M2 (trojan.rules) 2825626 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin 4 (mobile_malware.rules) 2825627 - ProApps TROJAN Undefined Python Ransomware CnC Activity (trojan.rules) 2825628 - ProApps TROJAN DNS Query to TorrentLocker Domain (ifixidea . com) (trojan.rules) [+++] Modify rules: 145 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2810934 - ProApps TROJAN Win32.Metfok Downloader CnC Beacon (trojan.rules) 2821474 - ProApps MOBILE_MALWARE Android/Secapk.F Checkin 4 (mobile_malware.rules) 2825326 - ProApps TROJAN DNS Query to TorrentLocker Domain (frontmain . pl) (trojan.rules) 2825327 - ProApps TROJAN DNS Query to TorrentLocker Domain (joygo . pl) (trojan.rules) 2825328 - ProApps TROJAN DNS Query to TorrentLocker Domain (questpul . pl) (trojan.rules) 2825329 - ProApps TROJAN DNS Query to TorrentLocker Domain (homewind . pl) (trojan.rules) 2825581 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin (mobile_malware.rules) 2825599 - ProApps TROJAN DNS Query to TorrentLocker Domain (hoptrop . pl) (trojan.rules) 2825600 - ProApps TROJAN DNS Query to TorrentLocker Domain (mailteam . pl) (trojan.rules) 2825601 - ProApps TROJAN DNS Query to TorrentLocker Domain (frontymen . pl) (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Mar 24 17:41:26 2017 [***] [+++] Added rules: 23 [+++] 2825584 - ProApps TROJAN Targeted Unknown Bot CnC Beacon (trojan.rules) 2825585 - ProApps TROJAN Misdat/Poldat Variant CnC Beacon (trojan.rules) 2825586 - ProApps TROJAN SpyLuk RAT Checkin (trojan.rules) 2825587 - ProApps MOBILE_MALWARE Android/Spy.Banker.IE Checkin (mobile_malware.rules) 2825588 - ProApps MOBILE_MALWARE Android/Spy.Banker.IE Checkin 2 (mobile_malware.rules) 2825589 - ProApps TROJAN Samsam Ransomware Domain in SSL Client Hello (trojan.rules) 2825590 - ProApps TROJAN Samsam Ransomware Domain in SSL Client Hello (trojan.rules) 2825591 - ProApps EXPLOIT Possible Internet Explorer 11 UXSS (CVE-2017-0154) M2 (exploit.rules) 2825592 - ProApps TROJAN DNS Query to Sage Domain (we0sgd . com) (trojan.rules) 2825593 - ProApps TROJAN DNS Query to Sage Domain (lfsjkad . net) (trojan.rules) 2825594 - ProApps TROJAN DNS Query to Sage Domain (yio3lvx . com) (trojan.rules) 2825595 - ProApps TROJAN DNS Query to Cerber Domain (1pglcs . top) (trojan.rules) 2825596 - ProApps TROJAN DNS Query to Cerber Domain (1js3tl . top) (trojan.rules) 2825597 - ProApps TROJAN DNS Query to Cerber Domain (12t3rn . top) (trojan.rules) 2825598 - ProApps TROJAN DNS Query to Cerber Domain (1cewld . top) (trojan.rules) 2825599 - ProApps TROJAN DNS Query to TorrentLocker Domain (hoptrop . pl) (trojan.rules) 2825600 - ProApps TROJAN DNS Query to TorrentLocker Domain (mailteam . pl) (trojan.rules) 2825601 - ProApps TROJAN DNS Query to TorrentLocker Domain (frontymen . pl) (trojan.rules) 2825602 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-24 1) (trojan.rules) 2825603 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-24 2) (trojan.rules) 2825604 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-24 3) (trojan.rules) 2825605 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-24 4) (trojan.rules) 2825606 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-03-24 5) (trojan.rules) [+++] Modify rules: 101 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Mar 23 16:48:15 2017 [***] [+++] Added rules: 15 [+++] 2825569 - ProApps TROJAN Possible PlugX DNS Lookup (trojan.rules) 2825570 - ProApps CURRENT_EVENTS Successful Admin Server Portal Phish Mar 23 2017 (current_events.rules) 2825571 - ProApps CURRENT_EVENTS Successful HSBC Phish Mar 23 2017 (current_events.rules) 2825572 - ProApps CURRENT_EVENTS Successful Airbnb Phish M1 Mar 23 2017 (current_events.rules) 2825573 - ProApps CURRENT_EVENTS Successful Airbnb Phish M2 Mar 23 2017 (current_events.rules) 2825574 - ProApps CURRENT_EVENTS Successful Office 365 Phish Mar 23 2017 (current_events.rules) 2825575 - ProApps CURRENT_EVENTS Successful Microsoft Verify Account Phish Mar 23 2017 (current_events.rules) 2825576 - ProApps CURRENT_EVENTS Successful Dropbox Phish Mar 23 2017 (current_events.rules) 2825577 - ProApps TROJAN MSIL/Unk.DDoS Bot CnC Checkin (trojan.rules) 2825578 - ProApps CURRENT_EVENTS Successful RBC Bank Phish Mar 23 2017 (current_events.rules) 2825579 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2825580 - ProApps TROJAN ZLoader Malicious SSL Cert Observed (trojan.rules) 2825581 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.aw Checkin (mobile_malware.rules) 2825582 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.at CnC Beacon (mobile_malware.rules) 2825583 - ProApps TROJAN Win32/Remcos RAT Checkin 2 (trojan.rules) [+++] Modify rules: 107 [+++] 2023497 - ProApps DOS Microsoft Windows LSASS Remote Memory Corruption (CVE-2017-0004) (dos.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2814152 - ProApps CURRENT_EVENTS Successful Adobe Online Phish Sept 29 (current_events.rules) 2821329 - ProApps CURRENT_EVENTS Possible Successful Phish via imcreator.com / imxprs.com Jul 22 M2 (current_events.rules) 2825544 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.bh Checkin (mobile_malware.rules) 2825545 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.bh Checkin 2 (mobile_malware.rules) 2825548 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.v Checkin (mobile_malware.rules) [+++] Removed rules: 0 [+++] Read more » | |
|
Jan 19 |
ProApps Security IDS Rules Changelog 2017-01-19
Postado por Rafael Honorato on 19/Jan 08:29
|
[***] Summary 2017-01-19 [***] Total added rules: 141 Total modified rules: 697 Total removed rules: 15 [***] ProApps Security IDS Rules Changelog started Wed Jan 18 18:50:15 2017 [***] [+++] Added rules: 40 [+++] 2023746 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules) 2023747 - ProApps TROJAN Evil JS Ransomware (trojan.rules) 2824478 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2824479 - ProApps TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules) 2824480 - ProApps TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules) 2824481 - ProApps TROJAN GhostAdmin Bot USER Command (trojan.rules) 2824482 - ProApps TROJAN GhostAdmin Bot JOIN Command (trojan.rules) 2824483 - ProApps TROJAN GhostAdmin Bot FTP Login (trojan.rules) 2824484 - ProApps TROJAN GhostAdmin Bot Keylogger FTP Upload (trojan.rules) 2824485 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824486 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824487 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824488 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824489 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Ecobatry.a Checkin (mobile_malware.rules) 2824490 - ProApps TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules) 2824491 - ProApps TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules) 2824492 - ProApps TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules) 2824493 - ProApps TROJAN DNS Query to Cerber Domain (156vkx . top) (trojan.rules) 2824494 - ProApps TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules) 2824495 - ProApps TROJAN DNS Query to Cerber Domain (15rnwa . top) (trojan.rules) 2824496 - ProApps TROJAN DNS Query to Cerber Domain (1cqoww . top) (trojan.rules) 2824497 - ProApps TROJAN DNS Query to Cerber Domain (15l2ub . top) (trojan.rules) 2824498 - ProApps TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules) 2824499 - ProApps TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules) 2824500 - ProApps TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules) 2824501 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2824502 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Pletor.b Checkin (mobile_malware.rules) 2824503 - ProApps MOBILE_MALWARE Android/Simplocker.R DNS Lookup (mobile_malware.rules) 2824504 - ProApps TROJAN PadCrypt Ransomware DGA Checkin (trojan.rules) 2824505 - ProApps TROJAN Ransomware Domain Detected (Padcrypt) (trojan.rules) 2824506 - ProApps EXPLOIT Grandstream IP Phone Password Disclosure (exploit.rules) 2824507 - ProApps TROJAN Unknown MalDoc CnC Beacon (trojan.rules) 2824508 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish M1 Jan 18 2017 (current_events.rules) 2824509 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish M2 Jan 18 2017 (current_events.rules) 2824510 - ProApps CURRENT_EVENTS Successful MBNA Phish M1 Jan 18 2017 (current_events.rules) 2824511 - ProApps CURRENT_EVENTS Successful MBNA Phish M2 Jan 18 2017 (current_events.rules) 2824512 - ProApps CURRENT_EVENTS Successful MBNA Phish M3 Jan 18 2017 (current_events.rules) 2824513 - ProApps CURRENT_EVENTS Successful Poste Italiane Phish Jan 18 2016 (current_events.rules) 2824514 - ProApps CURRENT_EVENTS Successful LinkedIn Phish Jan 18 2017 (current_events.rules) 2824515 - ProApps CURRENT_EVENTS Successful Netflix Phish Jan 18 2017 (current_events.rules) [+++] Modify rules: 162 [+++] 2011582 - ProApps POLICY Vulnerable Java Version 1.6.x Detected (policy.rules) 2013808 - ProApps TROJAN Dooptroop Dropper Checkin (trojan.rules) 2014112 - ProApps TROJAN Dooptroop CnC Beacon (trojan.rules) 2014297 - ProApps POLICY Vulnerable Java Version 1.7.x Detected (policy.rules) 2019401 - ProApps POLICY Vulnerable Java Version 1.8.x Detected (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2806032 - ProApps TROJAN Win32.Scar.hhrw POST (trojan.rules) 2812810 - ProApps MALWARE Win32/Adware.FileTour Variant PUP Checkin 3 (malware.rules) 2821937 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Aug 31 2016 (current_events.rules) 2822899 - ProApps CURRENT_EVENTS Successful Windows Live Account Phish Oct 26 2016 (current_events.rules) [+++] Removed rules: 3 [+++] 2014398 - ProApps TROJAN Generic.KD.291903/Win32.TrojanClicker.Agent.NII Nconfirm Checkin (trojan.rules) 2805761 - ProApps TROJAN Trojan-Ransom.Win32.Foreign.vcs Checkin (trojan.rules) 2824461 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Jan 17 16:38:37 2017 [***] [+++] Added rules: 45 [+++] 2023742 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M2 (current_events.rules) 2023743 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M1 (current_events.rules) 2023744 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M2 (current_events.rules) 2023745 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 EXE Download (current_events.rules) 2819782 - ProApps TROJAN CrimeScene Mailer Requesting Config (trojan.rules) 2824438 - ProApps CURRENT_EVENTS Magnitude EK Landing Jan 15 2017 M1 (current_events.rules) 2824439 - ProApps CURRENT_EVENTS Magnitude EK Landing Jan 15 2017 M2 (current_events.rules) 2824440 - ProApps CURRENT_EVENTS Magnitude EK Redirect Jan 15 2017 (current_events.rules) 2824441 - ProApps CURRENT_EVENTS Natwest Phishing Landing Jan 17 2016 (current_events.rules) 2824442 - ProApps CURRENT_EVENTS Successful Natwest Phish Jan 17 2016 (current_events.rules) 2824443 - ProApps CURRENT_EVENTS Successful ING Direct Phish Jan 17 2017 (current_events.rules) 2824444 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 17 2017 (current_events.rules) 2824445 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 17 2017 (current_events.rules) 2824446 - ProApps CURRENT_EVENTS Successful Mailbox Account Upgrade Phish Jan 17 2017 (current_events.rules) 2824447 - ProApps CURRENT_EVENTS Successful Sparkasse (DE) Phish Jan 17 2017 (current_events.rules) 2824448 - ProApps TROJAN Observed Malicious SSL Cert (Gootkit) (trojan.rules) 2824449 - ProApps CURRENT_EVENTS GreenFlash SunDown EK Flash Exploit Jan 17 (current_events.rules) 2824450 - ProApps TROJAN NanoBot .onion Proxy Domain (trojan.rules) 2824451 - ProApps TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules) 2824452 - ProApps TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules) 2824453 - ProApps TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules) 2824454 - ProApps TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules) 2824455 - ProApps TROJAN DNS Query to Cerber Domain (15rnwa . top) (trojan.rules) 2824456 - ProApps TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules) 2824457 - ProApps TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules) 2824458 - ProApps TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules) 2824459 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.SmsBlock.a SMS Exfil via SMTP (mobile_malware.rules) 2824460 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.SmsBlock.a SMS Exfil via SMTP 2 (mobile_malware.rules) 2824461 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules) 2824462 - ProApps TROJAN Madness DDOS SSL Cert (trojan.rules) 2824463 - ProApps TROJAN Observed Malicious Domain SSL Cert in SNI (Unknown) (trojan.rules) 2824464 - ProApps TROJAN Unknown CnC Checkin (trojan.rules) 2824465 - ProApps TROJAN StrongPity SSL Cert (trojan.rules) 2824466 - ProApps TROJAN StrongPity SSL Cert (trojan.rules) 2824467 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Jan 17 2017 (current_events.rules) 2824468 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Jan 17 2017 (current_events.rules) 2824469 - ProApps CURRENT_EVENTS Successful Generic Mailbox Validation Phish Jan 17 2017 (current_events.rules) 2824470 - ProApps CURRENT_EVENTS Successful Excel Phish M1 Jan 17 2017 (current_events.rules) 2824471 - ProApps CURRENT_EVENTS Successful Excel Phish M2 Jan 17 2017 (current_events.rules) 2824472 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Jan 17 2017 (current_events.rules) 2824473 - ProApps CURRENT_EVENTS Successful USAA Phish Jan 17 2017 (current_events.rules) 2824474 - ProApps CURRENT_EVENTS Successful Capital One Phish Jan 17 2017 (current_events.rules) 2824475 - ProApps CURRENT_EVENTS Successful Paypal Phish Jan 17 2016 (current_events.rules) 2824476 - ProApps TROJAN GhostAdmin Sending Configs (trojan.rules) 2824477 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.a Checkin via SMTP (mobile_malware.rules) [+++] Modify rules: 198 [+++] 2017131 - ProApps CURRENT_EVENTS Potential Internet Explorer Use After Free CVE-2013-3163 Exploit URI Struct 1 (current_events.rules) 2020116 - ProApps POLICY DNS Query for .onion proxy Domain (onion.to) (policy.rules) 2020126 - ProApps POLICY DNS Query for .onion proxy Domain (tor4pay.com) (policy.rules) 2020133 - ProApps POLICY DNS Query for .onion proxy Domain (torminater.com) (policy.rules) 2020430 - ProApps POLICY DNS Query for .onion proxy Domain (onion.city) (policy.rules) 2022332 - ProApps POLICY DNS Query for .onion proxy Domain (onion.link) (policy.rules) 2022644 - ProApps POLICY DNS Query for .onion proxy Domain (torgate.es) (policy.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules) 2822942 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 27 2016 (current_events.rules) 2824241 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Jan 05 2017 (current_events.rules) 2824242 - ProApps CURRENT_EVENTS Successful Paypal Phish M5 Jan 05 2017 (current_events.rules) 2824243 - ProApps CURRENT_EVENTS Successful Paypal Phish M6 Jan 05 2017 (current_events.rules) [+++] Removed rules: 3 [+++] 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Fri Jan 13 17:12:45 2017 [***] [+++] Added rules: 33 [+++] 2023740 - ProApps TROJAN Possible Pony Payload DL (trojan.rules) 2023741 - ProApps TROJAN Pony DLL Download M2 (trojan.rules) 2824407 - ProApps CURRENT_EVENTS SunDown EK Payload Jan 12 2017 (current_events.rules) 2824408 - ProApps CURRENT_EVENTS PowerShell Empire Session Initial Activity (current_events.rules) 2824409 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824410 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824411 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824412 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824413 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824414 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824415 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824416 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824417 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824418 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824419 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824420 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules) 2824421 - ProApps TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824422 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824423 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824424 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules) 2824425 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2824426 - ProApps MOBILE_MALWARE Android.Trojan.FakeInst.DU Checkin 2 (mobile_malware.rules) 2824427 - ProApps CURRENT_EVENTS Possible SunDownEK Payload Jan 13 2017 (current_events.rules) 2824428 - ProApps WEB_SERVER PHP Ransomware Crypter Upload (web_server.rules) 2824429 - ProApps TROJAN MSIL/ShinoBot HTTP CnC Checkin (trojan.rules) 2824430 - ProApps CURRENT_EVENTS Successful Stripe Phish Jan 13 2017 (current_events.rules) 2824431 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 13 2017 (current_events.rules) 2824432 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 13 2017 (current_events.rules) 2824433 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Jan 13 2017 (current_events.rules) 2824434 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M1 Jan 13 2017 (current_events.rules) 2824435 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M2 Jan 13 2017 (current_events.rules) 2824436 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M3 Jan 13 2017 (current_events.rules) 2824437 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M4 Jan 13 2017 (current_events.rules) [+++] Modify rules: 173 [+++] 2013721 - ProApps TROJAN Suspicious User-Agent (WindowsNT) With No Separating Space (trojan.rules) 2016935 - ProApps WEB_SERVER SQL Injection Select Sleep Time Delay (web_server.rules) 2018575 - ProApps TROJAN Possible Andromeda download with fake Zip header (1) (trojan.rules) 2018576 - ProApps TROJAN Possible Andromeda download with fake Zip header (2) (trojan.rules) 2021918 - ProApps TROJAN DustySky Checkin (trojan.rules) 2022939 - ProApps CURRENT_EVENTS Possible Pony DLL Download (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2803784 - ProApps SCADA Rockwell RNA Message Negative Header Length (scada.rules) 2806121 - ProApps MOBILE_MALWARE Trojan.AndroidOS.MTK.a Checkin (mobile_malware.rules) 2822347 - ProApps CURRENT_EVENTS Successful Adobe Shared Document Phish Oct 3 2016 (current_events.rules) 2822380 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 04 2016 (current_events.rules) 2822430 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules) 2822434 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 06 2016 (current_events.rules) 2822466 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules) 2822471 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 06 2016 (current_events.rules) 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules) 2822848 - ProApps CURRENT_EVENTS Successful Generic Phish (Observed in Apple/Paypal/Amazon Campaigns) M1 Oct 25 2016 (current_events.rules) 2822979 - ProApps CURRENT_EVENTS Possible Bizarro SunDown Payload (current_events.rules) [+++] Removed rules: 4 [+++] 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2814617 - ProApps CURRENT_EVENTS Successful Excel Online Phish Oct 27 (current_events.rules) 2815247 - ProApps CURRENT_EVENTS Successful Excel Online Phish Dec 8 (current_events.rules) [***] ProApps Security IDS Rules Changelog started Thu Jan 12 17:15:31 2017 [***] [+++] Added rules: 23 [+++] 2023739 - ProApps TROJAN Maldoc Second Stage VBS Downloader with URL Padding (trojan.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824387 - ProApps TROJAN ARIK/Aaron Keylogger Download Request (trojan.rules) 2824388 - ProApps TROJAN DNS Query to Cerber Domain (1fete1 . top) (trojan.rules) 2824389 - ProApps TROJAN DNS Query to Cerber Domain (1nounl . top) (trojan.rules) 2824390 - ProApps TROJAN DNS Query to Cerber Domain (wiaikl . top) (trojan.rules) 2824391 - ProApps TROJAN DNS Query to Cerber Domain (ut1k1z . top) (trojan.rules) 2824392 - ProApps TROJAN DNS Query to Cerber Domain (h4lu4i . bid) (trojan.rules) 2824393 - ProApps TROJAN DNS Query to Cerber Domain (da34zi . bid) (trojan.rules) 2824394 - ProApps TROJAN DNS Query to Cerber Domain (5p76tw . top) (trojan.rules) 2824395 - ProApps TROJAN Marlboro/Wicked Ransomware CnC Checkin (trojan.rules) 2824396 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Dalik.a Checkin (mobile_malware.rules) 2824397 - ProApps TROJAN Bluerid Stealer sending pass user via FTP (trojan.rules) 2824398 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 12 2017 (current_events.rules) 2824399 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 12 2017 (current_events.rules) 2824400 - ProApps CURRENT_EVENTS Successful Netflix Phish M1 Jan 12 2017 (current_events.rules) 2824401 - ProApps CURRENT_EVENTS Successful Netflix Phish M2 Jan 12 2017 (current_events.rules) 2824402 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 12 2017 (current_events.rules) 2824403 - ProApps CURRENT_EVENTS Successful Apple (CA) Phish Jan 12 2017 (current_events.rules) 2824404 - ProApps CURRENT_EVENTS Successful Bank of America Phish Jan 12 2017 (current_events.rules) 2824405 - ProApps CURRENT_EVENTS Adobe Phishing Landing Jan 12 2017 (current_events.rules) 2824406 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) [+++] Modify rules: 164 [+++] 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules) 2008120 - ProApps TFTP Outbound TFTP Read Request (tftp.rules) 2013964 - ProApps TROJAN Suspicious UA Mozilla / 4.0 (trojan.rules) 2023497 - ProApps DOS Microsoft Windows LSASS Remote Memory Corruption (CVE-2017-0004) (dos.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1888 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2087 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 3993 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2806671 - ProApps TROJAN TeamRat Stealer sending pass user via FTP (trojan.rules) 2814597 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SaveMe.a Checkin (mobile_malware.rules) 2822224 - ProApps CURRENT_EVENTS Successful Western Union/Paypal Phish Sept 26 2016 (current_events.rules) [+++] Removed rules: 5 [+++] 2823017 - ProApps CURRENT_EVENTS Successful Generic Phish Oct 31 2016 (current_events.rules) 2823783 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 12 2016 (current_events.rules) 2823877 - ProApps CURRENT_EVENTS Successful Discover Phish M1 Dec 14 2016 (current_events.rules) 2823902 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 15 2016 (current_events.rules) 2823919 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 16 2016 (current_events.rules) Read more » | |
|
Jan 12 |
ProApps Security IDS Rules Changelog 2017-01-12
Postado por Rafael Honorato on 12/Jan 12:57
|
[***] Summary 2017-01-12 [***] Total added rules: 3574 Total modified rules: 12533 Total removed rules: 1172 [***] ProApps Security IDS Rules Changelog started Wed Jan 11 16:51:35 2017 [***] [+++] Added rules: 59 [+++] 2023716 - ProApps TROJAN Linux/Venom CnC Beacon (trojan.rules) 2023717 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023718 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023719 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023720 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023721 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023722 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Quakbot CnC) (trojan.rules) 2023723 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi CnC) (trojan.rules) 2023724 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023725 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Malware CnC) (trojan.rules) 2023726 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Chthonic CnC) (trojan.rules) 2023727 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TrickBot CnC) (trojan.rules) 2023728 - ProApps TROJAN Spora Ransomware DNS Query (trojan.rules) 2023729 - ProApps TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023730 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023731 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023732 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023733 - ProApps TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023734 - ProApps TROJAN DeepEnd Research Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2023735 - ProApps TROJAN DeepEnd Research Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023736 - ProApps TROJAN DeepEnd Research Ransomware CryptoWall .onion Proxy Domain (trojan.rules) 2023737 - ProApps TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2023738 - ProApps TROJAN Ransomware CrypMIC Payment Onion Domain (trojan.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824352 - ProApps TROJAN Possible Remcos/Remvio DNS Lookup (trojan.rules) 2824353 - ProApps CURRENT_EVENTS Successful Scotiabank Phish Jan 11 2017 (current_events.rules) 2824354 - ProApps CURRENT_EVENTS Successful Fidelity Phish M1 Jan 11 2017 (current_events.rules) 2824355 - ProApps CURRENT_EVENTS Successful Fidelity Phish M2 Jan 11 2017 (current_events.rules) 2824356 - ProApps CURRENT_EVENTS Successful Generic Webmail Phish Jan 11 2017 (current_events.rules) 2824357 - ProApps TROJAN Malicious SSL Certificate Detected (Gootkit CnC) (trojan.rules) 2824358 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.GlodEagl.a Checkin (mobile_malware.rules) 2824359 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824360 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824361 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824362 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824363 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824364 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824365 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824366 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-11 1) (trojan.rules) 2824367 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-11 2) (trojan.rules) 2824368 - ProApps TROJAN Oilrig Dev VBS Checkin (trojan.rules) 2824369 - ProApps TROJAN Oilrig DNS TXT Response (trojan.rules) 2824370 - ProApps TROJAN Cerber Blockchain Query (trojan.rules) 2824371 - ProApps TROJAN DNS Query to Cerber Domain (1ja4no . top) (trojan.rules) 2824372 - ProApps TROJAN DNS Query to Cerber Domain (16jpgp . top) (trojan.rules) 2824373 - ProApps TROJAN DNS Query to Cerber Domain (1lseoi . top) (trojan.rules) 2824374 - ProApps TROJAN DNS Query to Cerber Domain (1bwh8a . top) (trojan.rules) 2824375 - ProApps TROJAN DNS Query to Cerber Domain (12nypw . top) (trojan.rules) 2824376 - ProApps TROJAN DNS Query to Cerber Domain (1fpeer . top) (trojan.rules) 2824377 - ProApps TROJAN DNS Query to Cerber Domain (1cngub . top) (trojan.rules) 2824378 - ProApps CURRENT_EVENTS Successful SmarterMail Phish Jan 11 2017 (current_events.rules) 2824379 - ProApps CURRENT_EVENTS Successful Banque Et Assurances (FR) Phish Jan 11 2017 (current_events.rules) 2824380 - ProApps CURRENT_EVENTS Successful HM Revenue Phish M1 Jan 11 2017 (current_events.rules) 2824381 - ProApps CURRENT_EVENTS Successful HM Revenue Phish M2 Jan 11 2017 (current_events.rules) 2824382 - ProApps CURRENT_EVENTS Successful Blockchain.info Phish Jan 11 2017 (current_events.rules) 2824383 - ProApps CURRENT_EVENTS Successful Personalized Excel Online Phish Jan 11 2017 (current_events.rules) 2824384 - ProApps CURRENT_EVENTS Successful Personalized Generic Webmail Phish M1 Jan 11 2017 (current_events.rules) 2824385 - ProApps CURRENT_EVENTS Successful Personalized Generic Webmail Phish M2 Jan 11 2017 (current_events.rules) 2824386 - ProApps CURRENT_EVENTS Successful Personalized Yahoo Phish Jan 11 2017 (current_events.rules) [+++] Modify rules: 158 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3993 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2810582 - ProApps TROJAN WIN32/KOVTER.B Checkin 2 (trojan.rules) 2821130 - ProApps TROJAN Win32/Unknown Fake SSL CnC Beacon 2 (trojan.rules) 2823978 - ProApps TROJAN Aaron Remote Keylogger Checkin (trojan.rules) [+++] Removed rules: 1 [+++] 2017998 - ProApps CURRENT_EVENTS Possible IE/SilverLight GoonEK Payload Download (current_events.rules) [***] ProApps Security IDS Rules Changelog started Tue Jan 10 17:10:08 2017 [***] [+++] Added rules: 54 [+++] 2023713 - ProApps INFO MP4 in HTTP Flowbit Set (info.rules) 2023714 - ProApps INFO ATF file in HTTP Flowbit Set (info.rules) 2023715 - ProApps INFO Adobe FDF in HTTP Flowbit Set (info.rules) 2824301 - ProApps CURRENT_EVENTS Possible Successful Paypal Phish Jan 09 2017 (current_events.rules) 2824302 - ProApps WEB_CLIENT Possible Adobe Flash mp4 parsing OOB Memory Access (CVE-2017-2926) (web_client.rules) 2824303 - ProApps WEB_CLIENT Possible Adobe Flash ATF parsing OOB Memory Access (CVE-2017-2927) (web_client.rules) 2824304 - ProApps WEB_CLIENT Possible Adobe Flash OOB Memory Access (CVE-2017-2928) (web_client.rules) 2824305 - ProApps WEB_CLIENT Possible Adobe Flash OOB Memory Access (CVE-2017-2931) (web_client.rules) 2824306 - ProApps WEB_CLIENT Possible Adobe Flash UAF (CVE-2017-2932) (web_client.rules) 2824307 - ProApps WEB_CLIENT Possible Adobe Flash ATF parsing OOB Memory Access (CVE-2017-2933) (web_client.rules) 2824308 - ProApps WEB_CLIENT Possible Adobe Flash ATF parsing OOB Memory Access (CVE-2017-2934) (web_client.rules) 2824309 - ProApps WEB_CLIENT Possible Adobe Flash FLV parsing OOB Memory Access (CVE-2017-2935) (web_client.rules) 2824310 - ProApps WEB_CLIENT Possible Adobe Flash UAF (CVE-2017-2936) (web_client.rules) 2824311 - ProApps WEB_CLIENT Possible Adobe Flash UAF (CVE-2017-2937) (web_client.rules) 2824312 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2941) (web_client.rules) 2824313 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2947) (web_client.rules) 2824314 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2948) (web_client.rules) 2824315 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2949) (web_client.rules) 2824316 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2946) (web_client.rules) 2824317 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2950) (web_client.rules) 2824318 - ProApps WEB_CLIENT Possible Acrobat Reader JS Use After Free (CVE-2017-2955) (web_client.rules) 2824319 - ProApps WEB_CLIENT Possible Acrobat Reader JS Use After Free (CVE-2017-2957) (web_client.rules) 2824320 - ProApps WEB_CLIENT Possible Acrobat Reader JS Use After Free (CVE-2017-2958) (web_client.rules) 2824321 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption Attempt (CVE-2017-2960) (web_client.rules) 2824322 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2961) (web_client.rules) 2824323 - ProApps WEB_CLIENT Possible Adobe Reader TIFF Memory Corruption (CVE-2017-2963) (web_client.rules) 2824324 - ProApps WEB_CLIENT Possible Adobe Reader Memory Corruption Attempt (CVE-2017-2964) (web_client.rules) 2824325 - ProApps WEB_CLIENT Possible Adobe Reader TIFF OOB Memory Access (CVE-2017-2965) (web_client.rules) 2824326 - ProApps WEB_CLIENT Possible Adobe Reader TIFF Memory Corruption (CVE-2017-2966) (web_client.rules) 2824327 - ProApps WEB_CLIENT Possible Adobe Reader (CVE-2017-2967) (web_client.rules) 2824328 - ProApps TROJAN DNS Query to Cerber Domain (3p2gx6 . top) (trojan.rules) 2824329 - ProApps TROJAN DNS Query to Cerber Domain (bds4sn . top) (trojan.rules) 2824330 - ProApps TROJAN DNS Query to Cerber Domain (ac7zvz . top) (trojan.rules) 2824331 - ProApps TROJAN DNS Query to Cerber Domain (5a5vmh . top) (trojan.rules) 2824332 - ProApps TROJAN DNS Query to Cerber Domain (hzrekn . top) (trojan.rules) 2824333 - ProApps TROJAN DNS Query to Cerber Domain (sz209n . bid) (trojan.rules) 2824334 - ProApps TROJAN DNS Query to Cerber Domain (iyv3uw . top) (trojan.rules) 2824335 - ProApps TROJAN DNS Query to Cerber Domain (1nc6uc . top) (trojan.rules) 2824336 - ProApps TROJAN DNS Query to Cerber Domain (6x202r . top) (trojan.rules) 2824337 - ProApps TROJAN DNS Query to Cerber Domain (2gayao . bid) (trojan.rules) 2824338 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 10 2017 (current_events.rules) 2824339 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 10 2017 (current_events.rules) 2824340 - ProApps CURRENT_EVENTS Successful Free Mobile (FR) Phish Jan 10 2017 (current_events.rules) 2824341 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Jan 10 2017 (current_events.rules) 2824342 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Jan 10 2017 (current_events.rules) 2824343 - ProApps CURRENT_EVENTS Successful Paypal Phish M5 Jan 10 2017 (current_events.rules) 2824344 - ProApps CURRENT_EVENTS Successful Paypal Phish M6 Jan 10 2017 (current_events.rules) 2824345 - ProApps CURRENT_EVENTS Successful Vodafone Phish M1 Jan 10 2017 (current_events.rules) 2824346 - ProApps CURRENT_EVENTS Successful Vodafone Phish M2 Jan 10 2017 (current_events.rules) 2824347 - ProApps CURRENT_EVENTS Successful Vodafone Phish M3 Jan 10 2017 (current_events.rules) 2824348 - ProApps CURRENT_EVENTS Successful Bank of America Phish Jan 10 2017 (current_events.rules) 2824349 - ProApps CURRENT_EVENTS Successful RBC Phish Jan 10 2017 (current_events.rules) 2824350 - ProApps TROJAN Maktub Locker TOR Status Check (trojan.rules) 2824351 - ProApps TROJAN Zeus Panda Injects Domain in SNI (trojan.rules) [+++] Modify rules: 159 [+++] 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2022639 - ProApps TROJAN Possible Locky Ransomware Writing Encrypted File over - SMB and SMB-DS v2 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3993 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822633 - ProApps TROJAN Win32/Zacom.I CnC Checkin (trojan.rules) 2823263 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Nov 15 2016 (current_events.rules) [+++] Removed rules: 3 [+++] 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822671 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 17 (current_events.rules) 2822915 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 26 (current_events.rules) [***] ProApps Security IDS Rules Changelog started Mon Jan 9 17:48:16 2017 [***] [+++] Added rules: 39 [+++] 2023707 - ProApps MALWARE MultiPlug.J Checkin (malware.rules) 2023708 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2023709 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2023710 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2023711 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M7 (trojan.rules) 2023712 - ProApps CURRENT_EVENTS Paypal Phishing Landing Jan 09 2017 (current_events.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824270 - ProApps TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824271 - ProApps TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824272 - ProApps TROJAN Banking PowerShell .onion Proxy Domain (trojan.rules) 2824273 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2824274 - ProApps TROJAN Zeus Panda Injects Domain in SNI (trojan.rules) 2824275 - ProApps TROJAN MSIL/Unk.Stealer Sending Screenshots (trojan.rules) 2824276 - ProApps CURRENT_EVENTS Successful Navy Federal Credit Union Phish Jan 09 2017 (current_events.rules) 2824277 - ProApps CURRENT_EVENTS Successful Banque Populaire Phish Jan 09 2017 (current_events.rules) 2824278 - ProApps CURRENT_EVENTS Successful UBS Financial Services Phish Jan 09 2017 (current_events.rules) 2824279 - ProApps CURRENT_EVENTS Successful AirBnB Phish Jan 09 2017 (current_events.rules) 2824280 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 09 2017 (current_events.rules) 2824281 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 09 2017 (current_events.rules) 2824282 - ProApps CURRENT_EVENTS Successful USAA Phish Jan 09 2017 (current_events.rules) 2824283 - ProApps CURRENT_EVENTS Successful HM Revenue Phish Jan 09 2017 (current_events.rules) 2824284 - ProApps CURRENT_EVENTS Phishing Landing Checking Browser/OS/Platform Phish Jan 09 2017 (current_events.rules) 2824285 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-09 1) (trojan.rules) 2824286 - ProApps TROJAN NanoCore RAT CnC 23 (trojan.rules) 2824287 - ProApps WEB_SERVER DarkShell PHP Shell Access (web_server.rules) 2824288 - ProApps WEB_SERVER DarkShell PHP Shell Upload (web_server.rules) 2824289 - ProApps TROJAN VertexNet .onion Proxy Domain (trojan.rules) 2824290 - ProApps TROJAN DNS Query to Cerber Domain (162egg . top) (trojan.rules) 2824291 - ProApps TROJAN DNS Query to Cerber Domain (4bzlfh . top) (trojan.rules) 2824292 - ProApps TROJAN DNS Query to Cerber Domain (lxvmhm . top) (trojan.rules) 2824293 - ProApps TROJAN DNS Query to Cerber Domain (1nsnuh . top) (trojan.rules) 2824294 - ProApps TROJAN DNS Query to Cerber Domain (14xmig . top) (trojan.rules) 2824295 - ProApps TROJAN DNS Query to Cerber Domain (r1sjrp . top) (trojan.rules) 2824296 - ProApps TROJAN DNS Query to Cerber Domain (16iqt6 . top) (trojan.rules) 2824297 - ProApps TROJAN DNS Query to Cerber Domain (w5hilw . top) (trojan.rules) 2824298 - ProApps TROJAN DNS Query to Cerber Domain (momg04 . top) (trojan.rules) 2824299 - ProApps TROJAN DNS Query to Cerber Domain (79j8fm . top) (trojan.rules) 2824300 - ProApps TROJAN MalDoc Downloader SSL Cert Jan 09 2017 (trojan.rules) [+++] Modify rules: 193 [+++] 2023679 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M6 (trojan.rules) 2023699 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) Observed in SunDown EK 3 (exploit.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3993 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2809636 - ProApps MOBILE_MALWARE Android/Locker.Q Checkin (mobile_malware.rules) 2823400 - ProApps CURRENT_EVENTS Successful USAA Phish Nov 21 2016 (current_events.rules) 2824154 - ProApps CURRENT_EVENTS Successful Paypal Phish Dec 30 2016 (current_events.rules) 2824191 - ProApps CURRENT_EVENTS SunDown EK Landing Jan 04 2016 (current_events.rules) [+++] Removed rules: 1 [+++] 2815807 - ProApps CURRENT_EVENTS Possible Nuclear Landing with URI Primer (current_events.rules) [***] ProApps Security IDS Rules Changelog started Fri Jan 6 16:04:49 2017 [***] [+++] Added rules: 35 [+++] 2016394 - ProApps INFO Adobe Flash Uncompressed (info.rules) 2023699 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200/CVE-2016-7201) Observed in SunDown EK 3 (exploit.rules) 2023700 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) Observed in SunDown EK 1 (exploit.rules) 2023701 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) Observed in SunDown EK 2 (exploit.rules) 2023702 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) B641 (exploit.rules) 2023703 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) B642 (exploit.rules) 2023704 - ProApps EXPLOIT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200 CVE-2016-7201) B643 (exploit.rules) 2023705 - ProApps TROJAN ABUSE.CH Ransomware Domain Detected (Locky C2) (trojan.rules) 2023706 - ProApps TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker Payment) (trojan.rules) 2824244 - ProApps TROJAN Observed Malicious SSL Certificate (Orcus RAT) (trojan.rules) 2824245 - ProApps CURRENT_EVENTS Let s Encrypt Certificate Used in Paypal Phishing (current_events.rules) 2824246 - ProApps CURRENT_EVENTS Phishing Landing Checking Browser/OS/Platform Jan 05 2017 (current_events.rules) 2824247 - ProApps CURRENT_EVENTS Successful Paypal Phish Jan 06 2017 (current_events.rules) 2824248 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2824249 - ProApps MOBILE_MALWARE Android.Riskware.SmsPay.ED Checkin (mobile_malware.rules) 2824250 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-06 1) (trojan.rules) 2824251 - ProApps TROJAN MSIL/Peppy CnC Beacon (Ping) (trojan.rules) 2824252 - ProApps TROJAN MSIL/Peppy CnC Beacon (POST) (trojan.rules) 2824253 - ProApps TROJAN MSIL/Peppy CnC Beacon (User-Agent) (trojan.rules) 2824254 - ProApps TROJAN MSIL/Peppy Retrieving Payload (trojan.rules) 2824255 - ProApps TROJAN Oilrig Powershell DL Request (trojan.rules) 2824256 - ProApps TROJAN Oilrig update.vbs Upload Request (trojan.rules) 2824257 - ProApps TROJAN MM Core Retrieving Payload (trojan.rules) 2824258 - ProApps TROJAN MM Core CnC Beacon (trojan.rules) 2824259 - ProApps TROJAN DNS Query to Cerber Domain (uunmkj . top) (trojan.rules) 2824260 - ProApps TROJAN DNS Query to Cerber Domain (reu88i . top) (trojan.rules) 2824261 - ProApps TROJAN DNS Query to Cerber Domain (prbuoi . top) (trojan.rules) 2824262 - ProApps TROJAN DNS Query to Cerber Domain (gyciiz . top) (trojan.rules) 2824263 - ProApps TROJAN DNS Query to Cerber Domain (72z4vw . top) (trojan.rules) 2824264 - ProApps TROJAN DNS Query to Cerber Domain (1m3exl . top) (trojan.rules) 2824265 - ProApps TROJAN DNS Query to Cerber Domain (gzxtez . top) (trojan.rules) 2824266 - ProApps TROJAN DNS Query to Cerber Domain (13jukv . top) (trojan.rules) 2824267 - ProApps TROJAN DNS Query to Cerber Domain (ozwwt1 . top) (trojan.rules) 2824268 - ProApps TROJAN DNS Query to Cerber Domain (17kuzd . top) (trojan.rules) 2824269 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.w CnC Beacon (mobile_malware.rules) [+++] Modify rules: 161 [+++] 2013964 - ProApps TROJAN Suspicious UA Mozilla / 4.0 (trojan.rules) 2014154 - ProApps CURRENT_EVENTS DRIVEBY PDF Containing Subform with JavaScript (current_events.rules) 2019490 - ProApps EXPLOIT Possible Malicious NAT-PMP Response to External Network (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2811866 - ProApps MOBILE_MALWARE Android/SMSreg.TD Checkin (mobile_malware.rules) 2814022 - ProApps MOBILE_MALWARE Trojan-Downloader.AndroidOS.Leech.a Checkin (mobile_malware.rules) 2822601 - ProApps TROJAN Backdoor.Win32.Mocker CnC Beacon (GET) (trojan.rules) 2824220 - ProApps CURRENT_EVENTS Possible SunDown EK Landing URI Struct Jan 05 2017 (current_events.rules) [+++] Removed rules: 2 [+++] 2008352 - ProApps TROJAN CoreFlooder.Q Data Posting (trojan.rules) 2016394 - ProApps WEB_CLIENT Adobe Flash Uncompressed (web_client.rules) [***] ProApps Security IDS Rules Changelog started Thu Jan 5 16:48:08 2017 [***] [+++] Added rules: 37 [+++] 2023695 - ProApps TROJAN W32/Cerber.Ransomware CnC Checkin M4 (trojan.rules) 2023696 - ProApps CURRENT_EVENTS Successful Bradesco Bank Phish M1 Jan 05 2017 (current_events.rules) 2023697 - ProApps CURRENT_EVENTS Successful Bradesco Bank Phish M2 Jan 05 2017 (current_events.rules) 2023698 - ProApps CURRENT_EVENTS Successful National Bank Phish Jan 05 2017 (current_events.rules) 2824211 - ProApps CURRENT_EVENTS Successful IRS Phish Jan 04 2017 (current_events.rules) 2824212 - ProApps CURRENT_EVENTS Successful Turbotax Phish Jan 04 2017 (current_events.rules) 2824213 - ProApps CURRENT_EVENTS Successful Netflix Payment Phish M1 Jan 04 2017 (current_events.rules) 2824214 - ProApps CURRENT_EVENTS Successful Netflix Payment Phish M2 Jan 04 2017 (current_events.rules) 2824215 - ProApps CURRENT_EVENTS Successful PostFinance (DE) Phish Jan 04 2017 (current_events.rules) 2824216 - ProApps TROJAN Rerdom Variant CnC (trojan.rules) 2824217 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 05 2017 (current_events.rules) 2824218 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 05 2017 (current_events.rules) 2824219 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Jan 05 2017 (current_events.rules) 2824220 - ProApps CURRENT_EVENTS Possible SunDown EK Landing URI Struct Jan 05 2017 (current_events.rules) 2824221 - ProApps TROJAN DNS Query to Cerber Domain (1hzgre . top) (trojan.rules) 2824222 - ProApps TROJAN DNS Query to Cerber Domain (1hkmxu . top) (trojan.rules) 2824223 - ProApps TROJAN DNS Query to Cerber Domain (1cuxcy . top) (trojan.rules) 2824224 - ProApps TROJAN DNS Query to Cerber Domain (j3aad9 . top) (trojan.rules) 2824225 - ProApps TROJAN DNS Query to Cerber Domain (ewg6uf . bid) (trojan.rules) 2824226 - ProApps TROJAN DNS Query to Cerber Domain (pa5z2s . top) (trojan.rules) 2824227 - ProApps TROJAN DNS Query to Cerber Domain (1pgtzf . top) (trojan.rules) 2824228 - ProApps TROJAN DNS Query to Cerber Domain (pxluvi . top) (trojan.rules) 2824229 - ProApps TROJAN DNS Query to Cerber Domain (jl1hkd . top) (trojan.rules) 2824230 - ProApps TROJAN DNS Query to Cerber Domain (2msuuj . top) (trojan.rules) 2824231 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2824232 - ProApps TROJAN Unknown PowerShell Downloader .onion Proxy Domain (trojan.rules) 2824233 - ProApps CURRENT_EVENTS Evil Redirect to Magnitude EK Jan 05 2017 (current_events.rules) 2824234 - ProApps CURRENT_EVENTS Successful IRS Phish Jan 05 2017 (current_events.rules) 2824235 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Jan 05 2017 (current_events.rules) 2824236 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Jan 05 2017 (current_events.rules) 2824237 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Jan 05 2017 (current_events.rules) 2824238 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Jan 05 2017 (current_events.rules) 2824239 - ProApps CURRENT_EVENTS Successful Apple Phish M3 Jan 05 2017 (current_events.rules) 2824240 - ProApps CURRENT_EVENTS Successful Apple Phish M4 Jan 05 2017 (current_events.rules) 2824241 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Jan 05 2017 (current_events.rules) 2824242 - ProApps CURRENT_EVENTS Successful Paypal Phish M5 Jan 05 2017 (current_events.rules) 2824243 - ProApps CURRENT_EVENTS Successful Paypal Phish M6 Jan 05 2017 (current_events.rules) [+++] Modify rules: 161 [+++] 2003337 - ProApps MALWARE Suspicious User Agent (Autoupdate) (malware.rules) 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2006357 - ProApps MALWARE User Agent (TEST) - Likely Webhancer Related Spyware (malware.rules) 2008259 - ProApps TROJAN Suspicious User-Agent (AutoHotkey) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823535 - ProApps CURRENT_EVENTS RIG EK Landing Nov 30 2016 (RIG-v) (current_events.rules) 2823855 - ProApps CURRENT_EVENTS SunDown EK Flash Exploit Dec 13 2016 (current_events.rules) 2823894 - ProApps CURRENT_EVENTS Magnitude EK Landing Dec 14 2016 (current_events.rules) [+++] Removed rules: 2 [+++] 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822597 - ProApps MOBILE_MALWARE Android.Trojan.SLocker.IE Checkin 2 (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Wed Jan 4 16:54:18 2017 [***] [+++] Added rules: 26 [+++] 2023693 - ProApps TROJAN Win32.Banker.bqba Checkin (trojan.rules) 2023694 - ProApps TROJAN Blackmoon/Banbra Configuration Request M2 (trojan.rules) 2824187 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Faketoken.c Checkin (mobile_malware.rules) 2824188 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824189 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2824190 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824191 - ProApps CURRENT_EVENTS SunDown EK Landing Jan 04 2016 (current_events.rules) 2824192 - ProApps TROJAN Unknown Backdoor Checkin (trojan.rules) 2824193 - ProApps TROJAN Donoff .onion Proxy Domain (trojan.rules) 2824194 - ProApps MOBILE_MALWARE Android/Spy.NickiSpy.C Checkin (mobile_malware.rules) 2824195 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Nyleaker.a Checkin (mobile_malware.rules) 2824196 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-04 1) (trojan.rules) 2824197 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2017-01-04 2) (trojan.rules) 2824198 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (c2NhcHVsYS4zOjM=) (trojan.rules) 2824199 - ProApps TROJAN DNS Query to Cerber Domain (1mstqg . top) (trojan.rules) 2824200 - ProApps TROJAN DNS Query to Cerber Domain (1gaje2 . top) (trojan.rules) 2824201 - ProApps TROJAN DNS Query to Cerber Domain (13inb1 . top) (trojan.rules) 2824202 - ProApps TROJAN DNS Query to Cerber Domain (vcev5c . top) (trojan.rules) 2824203 - ProApps TROJAN DNS Query to Cerber Domain (p7k7t4 . top) (trojan.rules) 2824204 - ProApps TROJAN DNS Query to Cerber Domain (tep6xb . top) (trojan.rules) 2824205 - ProApps TROJAN DNS Query to Cerber Domain (pkx86a . top) (trojan.rules) 2824206 - ProApps TROJAN DNS Query to Cerber Domain (omc09c . top) (trojan.rules) 2824207 - ProApps TROJAN DNS Query to Cerber Domain (vc5s8b . top) (trojan.rules) 2824208 - ProApps TROJAN DNS Query to Cerber Domain (gjbmis . top) (trojan.rules) 2824209 - ProApps TROJAN MSIL/Unknown.DLer Checkin (trojan.rules) 2824210 - ProApps TROJAN Win32/Lizard.ddos Checkin (trojan.rules) [+++] Modify rules: 157 [+++] 2002400 - ProApps USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) (user_agents.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2821355 - ProApps TROJAN Win32/Spy.Banker.BR Variant Reporting Infection (trojan.rules) [+++] Removed rules: 4 [+++] 2811747 - ProApps CURRENT_EVENTS Angler EK Landing URI Struct Jun 30 M3 (current_events.rules) 2812699 - ProApps TROJAN Win32.Banker.bqba Checkin (trojan.rules) 2812766 - ProApps TROJAN KRBanker Retrieving IP (trojan.rules) 2822137 - ProApps TROJAN Win64/Banload Variant CnC Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Jan 3 17:49:19 2017 [***] [+++] Added rules: 43 [+++] 2000348 - ProApps POLICY IRC Channel JOIN on non-standard port (policy.rules) 2023691 - ProApps TROJAN MRCR1 Ransomware Checkin M1 (trojan.rules) 2023692 - ProApps TROJAN MRCR1 Ransomware Checkin M2 (trojan.rules) 2824147 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Dec 30 2016 (current_events.rules) 2824148 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Dec 30 2016 (current_events.rules) 2824149 - ProApps CURRENT_EVENTS Successful Santander Bank Phish Dec 30 2016 (current_events.rules) 2824150 - ProApps CURRENT_EVENTS Successful CIBC Phish Dec 30 2016 (current_events.rules) 2824151 - ProApps CURRENT_EVENTS Successful Santander Phish (set) M1 Dec 30 2016 (current_events.rules) 2824152 - ProApps CURRENT_EVENTS Successful Santander Phish (set) M1 Dec 30 2016 (current_events.rules) 2824153 - ProApps CURRENT_EVENTS Successful Santander Internet Banking Phish Dec 30 2016 (current_events.rules) 2824154 - ProApps CURRENT_EVENTS Successful Paypal Phish Dec 30 2016 (current_events.rules) 2824155 - ProApps CURRENT_EVENTS Successful DHL Phish Dec 30 2016 (current_events.rules) 2824156 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Dec 30 2016 (current_events.rules) 2824157 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Dec 30 2016 (current_events.rules) 2824158 - ProApps CURRENT_EVENTS Successful American Express Phish M1 Dec 30 2016 (current_events.rules) 2824159 - ProApps CURRENT_EVENTS Successful American Express Phish M2 Dec 30 2016 (current_events.rules) 2824160 - ProApps CURRENT_EVENTS Successful First Citizens Bank Phish M1 Dec 30 2016 (current_events.rules) 2824161 - ProApps CURRENT_EVENTS Successful First Citizens Bank Phish M2 Dec 30 2016 (current_events.rules) 2824162 - ProApps TROJAN DNS Query to Cerber Domain (14zwws . top) (trojan.rules) 2824163 - ProApps TROJAN DNS Query to Cerber Domain (1jpogn . top) (trojan.rules) 2824164 - ProApps TROJAN DNS Query to Cerber Domain (1mwipu . top) (trojan.rules) 2824165 - ProApps TROJAN DNS Query to Cerber Domain (1e6ln1 . top) (trojan.rules) 2824166 - ProApps TROJAN DNS Query to Cerber Domain (1pr21c . top) (trojan.rules) 2824167 - ProApps TROJAN DNS Query to Cerber Domain (1gtx3p . top) (trojan.rules) 2824168 - ProApps TROJAN DNS Query to Cerber Domain (199ovv . top) (trojan.rules) 2824169 - ProApps TROJAN DNS Query to Cerber Domain (1bpfr1 . top) (trojan.rules) 2824170 - ProApps TROJAN DNS Query to Cerber Domain (1bpfr1 . top) (trojan.rules) 2824171 - ProApps TROJAN DNS Query to Cerber Domain (17vj7b . top) (trojan.rules) 2824172 - ProApps TROJAN DNS Query to Cerber Domain (1cynje . top) (trojan.rules) 2824173 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2824174 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 03 2017 (current_events.rules) 2824175 - ProApps CURRENT_EVENTS Successful Paypal Phish Jan 03 2017 (current_events.rules) 2824176 - ProApps CURRENT_EVENTS Successful Danske Phish Jan 03 2017 (current_events.rules) 2824177 - ProApps CURRENT_EVENTS Successful DHL Phish Jan 03 2017 (current_events.rules) 2824178 - ProApps CURRENT_EVENTS Successful Bank of America Phish Jan 03 2017 (current_events.rules) 2824179 - ProApps CURRENT_EVENTS Successful Apple Phish Jan 03 2017 (current_events.rules) 2824180 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 03 2017 (current_events.rules) 2824181 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Jan 03 2017 (current_events.rules) 2824182 - ProApps CURRENT_EVENTS Successful Visa Phish (FR) M1 Jan 03 2017 (current_events.rules) 2824183 - ProApps CURRENT_EVENTS Successful Visa Phish (FR) M2 Jan 03 2017 (current_events.rules) 2824184 - ProApps CURRENT_EVENTS Successful Visa Phish (FR) M3 Jan 03 2017 (current_events.rules) 2824185 - ProApps TROJAN Excrevie Downloading EXE (trojan.rules) 2824186 - ProApps TROJAN fs0ciety Bot CnC Activity (trojan.rules) [+++] Modify rules: 191 [+++] 2019714 - ProApps CURRENT_EVENTS Terse alphanumeric executable downloader high likelihood of being hostile (current_events.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2821920 - ProApps CURRENT_EVENTS Successful Personalized Phish (Multiple Brands) Aug 30 2016 (current_events.rules) 2822297 - ProApps TROJAN iSpy/HawkSpy Keylogger PWS Checkin via HTTP M2 (trojan.rules) [+++] Removed rules: 214 [+++] 2000348 - ProApps TROJAN IRC Channel JOIN on non-standard port (trojan.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2403549 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 250 (ciarmy.rules) 2403550 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 251 (ciarmy.rules) 2403551 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 252 (ciarmy.rules) 2403552 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 253 (ciarmy.rules) 2403553 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 254 (ciarmy.rules) 2403554 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 255 (ciarmy.rules) 2403555 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 256 (ciarmy.rules) 2403556 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 257 (ciarmy.rules) 2403557 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 258 (ciarmy.rules) 2403558 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 259 (ciarmy.rules) 2403559 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 260 (ciarmy.rules) 2403560 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 261 (ciarmy.rules) 2403561 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 262 (ciarmy.rules) 2403562 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 263 (ciarmy.rules) 2403563 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 264 (ciarmy.rules) 2403564 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 265 (ciarmy.rules) 2403565 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 266 (ciarmy.rules) 2403566 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 267 (ciarmy.rules) 2403567 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 268 (ciarmy.rules) 2403568 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 269 (ciarmy.rules) 2403569 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 270 (ciarmy.rules) 2403570 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 271 (ciarmy.rules) 2403571 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 272 (ciarmy.rules) 2403572 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 273 (ciarmy.rules) 2403573 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 274 (ciarmy.rules) 2403574 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 275 (ciarmy.rules) 2403575 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 276 (ciarmy.rules) 2403576 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 277 (ciarmy.rules) 2403577 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 278 (ciarmy.rules) 2403578 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 279 (ciarmy.rules) 2403579 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 280 (ciarmy.rules) 2403580 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 281 (ciarmy.rules) 2403581 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 282 (ciarmy.rules) 2403582 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 283 (ciarmy.rules) 2403583 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 284 (ciarmy.rules) 2403584 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 285 (ciarmy.rules) 2403585 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 286 (ciarmy.rules) 2403586 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 287 (ciarmy.rules) 2403587 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 288 (ciarmy.rules) 2403588 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 289 (ciarmy.rules) 2403589 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 290 (ciarmy.rules) 2403590 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 291 (ciarmy.rules) 2403591 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 292 (ciarmy.rules) 2403592 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 293 (ciarmy.rules) 2403593 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 294 (ciarmy.rules) 2403594 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 295 (ciarmy.rules) 2403595 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 296 (ciarmy.rules) 2403596 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 297 (ciarmy.rules) 2403597 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 298 (ciarmy.rules) 2403598 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 299 (ciarmy.rules) 2403599 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 300 (ciarmy.rules) 2403600 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 301 (ciarmy.rules) 2403601 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 302 (ciarmy.rules) 2403602 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 303 (ciarmy.rules) 2403603 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 304 (ciarmy.rules) 2403604 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 305 (ciarmy.rules) 2403605 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 306 (ciarmy.rules) 2403606 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 307 (ciarmy.rules) 2403607 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 308 (ciarmy.rules) 2403608 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 309 (ciarmy.rules) 2403609 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 310 (ciarmy.rules) 2403610 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 311 (ciarmy.rules) 2403611 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 312 (ciarmy.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Fri Dec 30 16:00:52 2016 [***] [+++] Added rules: 13 [+++] 2023690 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2824135 - ProApps TROJAN DNS Query to Cerber Domain (va3ibn . top) (trojan.rules) 2824136 - ProApps TROJAN DNS Query to Cerber Domain (ean5e7 . top) (trojan.rules) 2824137 - ProApps TROJAN DNS Query to Cerber Domain (1mznhc . top) (trojan.rules) 2824138 - ProApps TROJAN DNS Query to Cerber Domain (rys9pj . top) (trojan.rules) 2824139 - ProApps TROJAN DNS Query to Cerber Domain (h1ropx . top) (trojan.rules) 2824140 - ProApps TROJAN DNS Query to Cerber Domain (a4m03m . top) (trojan.rules) 2824141 - ProApps TROJAN DNS Query to Cerber Domain (vjso7r . top) (trojan.rules) 2824142 - ProApps TROJAN DNS Query to Cerber Domain (wgx4go . top) (trojan.rules) 2824143 - ProApps TROJAN DNS Query to Cerber Domain (3oebta . top) (trojan.rules) 2824144 - ProApps TROJAN DNS Query to Cerber Domain (6yza5v . top) (trojan.rules) 2824145 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2824146 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) [+++] Modify rules: 7 [+++] 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules) 2011540 - ProApps POLICY OpenSSL Demo CA - Internet Widgits Pty (O) (policy.rules) 2023401 - ProApps CURRENT_EVENTS RIG EK URI struct Oct 24 2016 (RIG-v) (current_events.rules) 2809559 - ProApps MOBILE_MALWARE Android.Adware.NoiconAds.A Checkin (mobile_malware.rules) 2822847 - ProApps CURRENT_EVENTS Evil Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823058 - ProApps CURRENT_EVENTS Evil 302 Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823457 - ProApps CURRENT_EVENTS RIG EK Flash Exploit (set) (current_events.rules) [+++] Removed rules: 1 [+++] 2824124 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) [***] ProApps Security IDS Rules Changelog started Fri Dec 30 12:21:33 2016 [***] [+++] Added rules: 17 [+++] 2403597 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 298 (ciarmy.rules) 2403598 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 299 (ciarmy.rules) 2403599 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 300 (ciarmy.rules) 2403600 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 301 (ciarmy.rules) 2403601 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 302 (ciarmy.rules) 2403602 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 303 (ciarmy.rules) 2403603 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 304 (ciarmy.rules) 2403604 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 305 (ciarmy.rules) 2403605 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 306 (ciarmy.rules) 2403606 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 307 (ciarmy.rules) 2403607 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 308 (ciarmy.rules) 2403608 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 309 (ciarmy.rules) 2403609 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 310 (ciarmy.rules) 2403610 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 311 (ciarmy.rules) 2403611 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 312 (ciarmy.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824134 - ProApps CURRENT_EVENTS Successful Generic Phish (Meta HTTP-Equiv Refresh) Dec 29 2016 (current_events.rules) [+++] Modify rules: 356 [+++] 2019680 - ProApps TROJAN Possible Archie EK Payload Checkin GET (trojan.rules) 2023677 - ProApps TROJAN Tofsee DGA (2016-12-15 to 2017-05-04) (trojan.rules) 2023678 - ProApps TROJAN Tofsee DGA (2017-05-04 to 2017-11-02) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2403549 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 250 (ciarmy.rules) 2403550 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 251 (ciarmy.rules) 2403551 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 252 (ciarmy.rules) 2403552 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 253 (ciarmy.rules) 2403553 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 254 (ciarmy.rules) 2403554 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 255 (ciarmy.rules) 2403555 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 256 (ciarmy.rules) 2403556 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 257 (ciarmy.rules) 2403557 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 258 (ciarmy.rules) 2403558 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 259 (ciarmy.rules) 2403559 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 260 (ciarmy.rules) 2403560 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 261 (ciarmy.rules) 2403561 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 262 (ciarmy.rules) 2403562 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 263 (ciarmy.rules) 2403563 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 264 (ciarmy.rules) 2403564 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 265 (ciarmy.rules) 2403565 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 266 (ciarmy.rules) 2403566 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 267 (ciarmy.rules) 2403567 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 268 (ciarmy.rules) 2403568 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 269 (ciarmy.rules) 2403569 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 270 (ciarmy.rules) 2403570 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 271 (ciarmy.rules) 2403571 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 272 (ciarmy.rules) 2403572 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 273 (ciarmy.rules) 2403573 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 274 (ciarmy.rules) 2403574 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 275 (ciarmy.rules) 2403575 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 276 (ciarmy.rules) 2403576 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 277 (ciarmy.rules) 2403577 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 278 (ciarmy.rules) 2403578 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 279 (ciarmy.rules) 2403579 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 280 (ciarmy.rules) 2403580 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 281 (ciarmy.rules) 2403581 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 282 (ciarmy.rules) 2403582 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 283 (ciarmy.rules) 2403583 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 284 (ciarmy.rules) 2403584 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 285 (ciarmy.rules) 2403585 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 286 (ciarmy.rules) 2403586 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 287 (ciarmy.rules) 2403587 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 288 (ciarmy.rules) 2403588 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 289 (ciarmy.rules) 2403589 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 290 (ciarmy.rules) 2403590 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 291 (ciarmy.rules) 2403591 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 292 (ciarmy.rules) 2403592 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 293 (ciarmy.rules) 2403593 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 294 (ciarmy.rules) 2403594 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 295 (ciarmy.rules) 2403595 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 296 (ciarmy.rules) 2403596 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 297 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2823457 - ProApps CURRENT_EVENTS RIG EK Flash Exploit (set) (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Dec 29 17:17:53 2016 [***] [+++] Added rules: 42 [+++] 2023689 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) 2403584 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 285 (ciarmy.rules) 2403585 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 286 (ciarmy.rules) 2403586 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 287 (ciarmy.rules) 2403587 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 288 (ciarmy.rules) 2403588 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 289 (ciarmy.rules) 2403589 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 290 (ciarmy.rules) 2403590 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 291 (ciarmy.rules) 2403591 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 292 (ciarmy.rules) 2403592 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 293 (ciarmy.rules) 2403593 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 294 (ciarmy.rules) 2403594 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 295 (ciarmy.rules) 2403595 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 296 (ciarmy.rules) 2403596 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 297 (ciarmy.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824108 - ProApps CURRENT_EVENTS Successful Apple Store Phish M1 Dec 29 2016 (current_events.rules) 2824109 - ProApps CURRENT_EVENTS Successful Apple Store Phish M2 Dec 29 2016 (current_events.rules) 2824110 - ProApps CURRENT_EVENTS Successful Apple Store Phish M3 Dec 29 2016 (current_events.rules) 2824111 - ProApps CURRENT_EVENTS Successful Apple Store Phish M4 Dec 29 2016 (current_events.rules) 2824112 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-29 1) (trojan.rules) 2824113 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.cc Checkin (mobile_malware.rules) 2824114 - ProApps TROJAN DNS Query to Cerber Domain (10nzk9 . top) (trojan.rules) 2824115 - ProApps TROJAN DNS Query to Cerber Domain (0ses78 . top) (trojan.rules) 2824116 - ProApps TROJAN DNS Query to Cerber Domain (ayjy5d . top) (trojan.rules) 2824117 - ProApps TROJAN DNS Query to Cerber Domain (s611js . top) (trojan.rules) 2824118 - ProApps TROJAN DNS Query to Cerber Domain (ejc92c . top) (trojan.rules) 2824119 - ProApps TROJAN DNS Query to Cerber Domain (zgyua4 . top) (trojan.rules) 2824120 - ProApps TROJAN DNS Query to Cerber Domain (1b6ugs . top) (trojan.rules) 2824121 - ProApps TROJAN DNS Query to Cerber Domain (1xbdc2 . top) (trojan.rules) 2824122 - ProApps TROJAN DNS Query to Cerber Domain (0m9rxw . top) (trojan.rules) 2824123 - ProApps TROJAN DNS Query to Cerber Domain (tebibg . top) (trojan.rules) 2824124 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2824125 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Dec 27 2016 (current_events.rules) 2824126 - ProApps CURRENT_EVENTS Successful Chase Phish Dec 29 2016 (current_events.rules) 2824127 - ProApps MOBILE_MALWARE Android/TrojanDropper.Agent.CT Checkin 3 (mobile_malware.rules) 2824128 - ProApps CURRENT_EVENTS Successful Ebay Phish M1 Dec 29 2016 (current_events.rules) 2824129 - ProApps CURRENT_EVENTS Successful Ebay Phish M2 Dec 29 2016 (current_events.rules) 2824130 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish M1 Dec 29 2016 (current_events.rules) 2824131 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish M2 Dec 29 2016 (current_events.rules) 2824132 - ProApps CURRENT_EVENTS Successful Banamex Bank Phish Dec 29 2016 (current_events.rules) 2824133 - ProApps CURRENT_EVENTS Successful Apple Phish Dec 29 2016 (current_events.rules) [+++] Modify rules: 346 [+++] 2001891 - ProApps USER_AGENTS Suspicious User Agent (agent) (user_agents.rules) 2011341 - ProApps TROJAN Suspicious POST With Reference to WINDOWS Folder Possible Malware Infection (trojan.rules) 2013224 - ProApps POLICY Suspicious User-Agent Containing .exe (policy.rules) 2019230 - ProApps TROJAN Possible Tinba DGA NXDOMAIN Responses (trojan.rules) 2023401 - ProApps CURRENT_EVENTS RIG EK URI struct Oct 24 2016 (RIG-v) (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2403549 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 250 (ciarmy.rules) 2403550 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 251 (ciarmy.rules) 2403551 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 252 (ciarmy.rules) 2403552 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 253 (ciarmy.rules) 2403553 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 254 (ciarmy.rules) 2403554 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 255 (ciarmy.rules) 2403555 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 256 (ciarmy.rules) 2403556 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 257 (ciarmy.rules) 2403557 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 258 (ciarmy.rules) 2403558 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 259 (ciarmy.rules) 2403559 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 260 (ciarmy.rules) 2403560 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 261 (ciarmy.rules) 2403561 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 262 (ciarmy.rules) 2403562 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 263 (ciarmy.rules) 2403563 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 264 (ciarmy.rules) 2403564 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 265 (ciarmy.rules) 2403565 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 266 (ciarmy.rules) 2403566 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 267 (ciarmy.rules) 2403567 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 268 (ciarmy.rules) 2403568 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 269 (ciarmy.rules) 2403569 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 270 (ciarmy.rules) 2403570 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 271 (ciarmy.rules) 2403571 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 272 (ciarmy.rules) 2403572 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 273 (ciarmy.rules) 2403573 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 274 (ciarmy.rules) 2403574 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 275 (ciarmy.rules) 2403575 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 276 (ciarmy.rules) 2403576 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 277 (ciarmy.rules) 2403577 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 278 (ciarmy.rules) 2403578 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 279 (ciarmy.rules) 2403579 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 280 (ciarmy.rules) 2403580 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 281 (ciarmy.rules) 2403581 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 282 (ciarmy.rules) 2403582 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 283 (ciarmy.rules) 2403583 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 284 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1993 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2822335 - ProApps CURRENT_EVENTS Successful Gmail Phish Sep 30 2016 (current_events.rules) 2822847 - ProApps CURRENT_EVENTS Evil Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823058 - ProApps CURRENT_EVENTS Evil 302 Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823937 - ProApps CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Dec 28 16:54:09 2016 [***] [+++] Added rules: 40 [+++] 2023687 - ProApps SCAN Acunetix scan in progress acunetix_wvs_security_test in http_uri (scan.rules) 2023688 - ProApps SCAN Acunetix scan in progress acunetix variable in http_uri (scan.rules) 2403573 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 274 (ciarmy.rules) 2403574 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 275 (ciarmy.rules) 2403575 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 276 (ciarmy.rules) 2403576 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 277 (ciarmy.rules) 2403577 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 278 (ciarmy.rules) 2403578 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 279 (ciarmy.rules) 2403579 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 280 (ciarmy.rules) 2403580 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 281 (ciarmy.rules) 2403581 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 282 (ciarmy.rules) 2403582 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 283 (ciarmy.rules) 2403583 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 284 (ciarmy.rules) 2824081 - ProApps TROJAN Likely APT28 SSL Cert (trojan.rules) 2824082 - ProApps TROJAN APT28 DNS Lookup (trojan.rules) 2824083 - ProApps TROJAN APT28 DNS Lookup (trojan.rules) 2824084 - ProApps TROJAN APT28 DNS Lookup (trojan.rules) 2824085 - ProApps TROJAN APT28 DNS Lookup (trojan.rules) 2824086 - ProApps TROJAN APT28 DNS Lookup (trojan.rules) 2824087 - ProApps TROJAN MSIL/DeriaLock Ransomware CnC Activity (trojan.rules) 2824088 - ProApps TROJAN Win32.Vreikstadi.a Checkin (trojan.rules) 2824089 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824090 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-28 1) (trojan.rules) 2824091 - ProApps TROJAN Travnet 1.1x Checkin 1 (trojan.rules) 2824092 - ProApps TROJAN Travnet 1.1x Checkin 2 (trojan.rules) 2824093 - ProApps CURRENT_EVENTS Successful Possible Successful Outlook Web App Phish Dec 27 2016 (current_events.rules) 2824094 - ProApps CURRENT_EVENTS Successful Webmail Account Upgrade Phish Dec 27 2016 (current_events.rules) 2824095 - ProApps CURRENT_EVENTS Successful SunTrust Bank Phish Dec 27 2016 (current_events.rules) 2824096 - ProApps CURRENT_EVENTS Successful Protected PDF (Excel Template) Phish Dec 27 2016 (current_events.rules) 2824097 - ProApps CURRENT_EVENTS Successful Capital One Phish Dec 27 2016 (current_events.rules) 2824098 - ProApps TROJAN DNS Query to Cerber Domain (ci221p . top) (trojan.rules) 2824099 - ProApps TROJAN DNS Query to Cerber Domain (6k1otk . top) (trojan.rules) 2824100 - ProApps TROJAN DNS Query to Cerber Domain (19dmua . top) (trojan.rules) 2824101 - ProApps TROJAN DNS Query to Cerber Domain (jgafk0 . top) (trojan.rules) 2824102 - ProApps TROJAN DNS Query to Cerber Domain (i0jh68 . top) (trojan.rules) 2824103 - ProApps TROJAN DNS Query to Cerber Domain (zkxb17 . top) (trojan.rules) 2824104 - ProApps TROJAN DNS Query to Cerber Domain (wwa4tu . top) (trojan.rules) 2824105 - ProApps TROJAN DNS Query to Cerber Domain (9isvnh . top) (trojan.rules) 2824106 - ProApps TROJAN DNS Query to Cerber Domain (0ayn1s . top) (trojan.rules) 2824107 - ProApps TROJAN DNS Query to Cerber Domain (jye7lt . top) (trojan.rules) [+++] Modify rules: 330 [+++] 2022886 - ProApps POLICY Crypto Coin Miner Login (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2403549 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 250 (ciarmy.rules) 2403550 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 251 (ciarmy.rules) 2403551 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 252 (ciarmy.rules) 2403552 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 253 (ciarmy.rules) 2403553 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 254 (ciarmy.rules) 2403554 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 255 (ciarmy.rules) 2403555 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 256 (ciarmy.rules) 2403556 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 257 (ciarmy.rules) 2403557 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 258 (ciarmy.rules) 2403558 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 259 (ciarmy.rules) 2403559 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 260 (ciarmy.rules) 2403560 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 261 (ciarmy.rules) 2403561 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 262 (ciarmy.rules) 2403562 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 263 (ciarmy.rules) 2403563 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 264 (ciarmy.rules) 2403564 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 265 (ciarmy.rules) 2403565 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 266 (ciarmy.rules) 2403566 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 267 (ciarmy.rules) 2403567 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 268 (ciarmy.rules) 2403568 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 269 (ciarmy.rules) 2403569 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 270 (ciarmy.rules) 2403570 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 271 (ciarmy.rules) 2403571 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 272 (ciarmy.rules) 2403572 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 273 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823895 - ProApps TROJAN Chthonic TCP Domain Lookup 11 (trojan.rules) 2823947 - ProApps TROJAN Chthonic TCP Domain Lookup 12 (trojan.rules) 2823979 - ProApps TROJAN Chthonic TCP Domain Lookup 13 (trojan.rules) [+++] Removed rules: 2 [+++] 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Tue Dec 27 17:10:27 2016 [***] [+++] Added rules: 106 [+++] 2023680 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin (mobile_malware.rules) 2023681 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 2 (mobile_malware.rules) 2023682 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 3 (mobile_malware.rules) 2023683 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 4 (mobile_malware.rules) 2023684 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 5 (mobile_malware.rules) 2023685 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 6 (mobile_malware.rules) 2023686 - ProApps EXPLOIT Possible CVE-2016-10033 PHPMailer RCE Attempt (exploit.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2403549 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 250 (ciarmy.rules) 2403550 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 251 (ciarmy.rules) 2403551 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 252 (ciarmy.rules) 2403552 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 253 (ciarmy.rules) 2403553 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 254 (ciarmy.rules) 2403554 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 255 (ciarmy.rules) 2403555 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 256 (ciarmy.rules) 2403556 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 257 (ciarmy.rules) 2403557 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 258 (ciarmy.rules) 2403558 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 259 (ciarmy.rules) 2403559 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 260 (ciarmy.rules) 2403560 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 261 (ciarmy.rules) 2403561 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 262 (ciarmy.rules) 2403562 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 263 (ciarmy.rules) 2403563 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 264 (ciarmy.rules) 2403564 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 265 (ciarmy.rules) 2403565 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 266 (ciarmy.rules) 2403566 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 267 (ciarmy.rules) 2403567 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 268 (ciarmy.rules) 2403568 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 269 (ciarmy.rules) 2403569 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 270 (ciarmy.rules) 2403570 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 271 (ciarmy.rules) 2403571 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 272 (ciarmy.rules) 2403572 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 273 (ciarmy.rules) 2824048 - ProApps TROJAN MSIL/Unknown DDoS Bot CnC Checkin (trojan.rules) 2824049 - ProApps TROJAN Unk.Dropper DL Cryptolocker via FTP (trojan.rules) 2824050 - ProApps CURRENT_EVENTS SunDown EK Landing Dec 27 2016 (current_events.rules) 2824051 - ProApps TROJAN DNS Query to Cerber Domain (mzuirs . top) (trojan.rules) 2824052 - ProApps TROJAN DNS Query to Cerber Domain (r8c85p . top) (trojan.rules) 2824053 - ProApps TROJAN DNS Query to Cerber Domain (hezwde . top) (trojan.rules) 2824054 - ProApps TROJAN DNS Query to Cerber Domain (h44l3d . bid) (trojan.rules) 2824055 - ProApps TROJAN DNS Query to Cerber Domain (34efzl . top) (trojan.rules) 2824056 - ProApps TROJAN DNS Query to Cerber Domain (eo6n4d . top) (trojan.rules) 2824057 - ProApps TROJAN DNS Query to Cerber Domain (trbrkn . top) (trojan.rules) 2824058 - ProApps TROJAN DNS Query to Cerber Domain (lruwth . top) (trojan.rules) 2824059 - ProApps TROJAN DNS Query to Cerber Domain (vbfyit . top) (trojan.rules) 2824060 - ProApps TROJAN DNS Query to Cerber Domain (hbhpzu . top) (trojan.rules) 2824061 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824062 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824063 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824064 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824065 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824066 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824067 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2824068 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-27 1) (trojan.rules) 2824069 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (cHJpdDQ4LndvcmtlcjE6Nm93WUZ0Uks=) (trojan.rules) 2824070 - ProApps TROJAN Chthonic TCP Domain Lookup 01 (trojan.rules) 2824071 - ProApps TROJAN Chthonic TCP Domain Lookup 02 (trojan.rules) 2824072 - ProApps TROJAN Chthonic TCP Domain Lookup 03 (trojan.rules) 2824073 - ProApps TROJAN Chthonic TCP Domain Lookup 04 (trojan.rules) 2824074 - ProApps TROJAN Chthonic TCP Domain Lookup 05 (trojan.rules) 2824075 - ProApps TROJAN Chthonic TCP Domain Lookup 06 (trojan.rules) 2824076 - ProApps TROJAN Chthonic TCP Domain Lookup 07 (trojan.rules) 2824077 - ProApps TROJAN Chthonic TCP Domain Lookup 08 (trojan.rules) 2824078 - ProApps TROJAN Chthonic TCP Domain Lookup 09 (trojan.rules) 2824079 - ProApps TROJAN Chthonic TCP Domain Lookup 10 (trojan.rules) 2824080 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.DP Checkin (mobile_malware.rules) [+++] Modify rules: 301 [+++] 2019680 - ProApps TROJAN Possible Archie EK Payload Checkin GET (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6969 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2807012 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.i Checkin 2 (mobile_malware.rules) 2809583 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.m Checkin 3 (mobile_malware.rules) 2823895 - ProApps TROJAN Chthonic Domain Lookup (trojan.rules) 2823947 - ProApps TROJAN Chthonic Domain Lookup (trojan.rules) 2823979 - ProApps TROJAN Chthonic Domain Lookup (trojan.rules) [+++] Removed rules: 7 [+++] 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2824023 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin (mobile_malware.rules) 2824024 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 2 (mobile_malware.rules) 2824025 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 3 (mobile_malware.rules) 2824026 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 4 (mobile_malware.rules) 2824027 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 5 (mobile_malware.rules) 2824028 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 6 (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Fri Dec 23 18:22:51 2016 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 0 [+++] [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Dec 23 17:36:30 2016 [***] [+++] Added rules: 40 [+++] 2023679 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M6 (trojan.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2824023 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin (mobile_malware.rules) 2824024 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 2 (mobile_malware.rules) 2824025 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 3 (mobile_malware.rules) 2824026 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 4 (mobile_malware.rules) 2824027 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 5 (mobile_malware.rules) 2824028 - ProApps MOBILE_MALWARE Android Fancy Bear Checkin 6 (mobile_malware.rules) 2824029 - ProApps TROJAN Observed Malvertising Domain SSL Cert (trojan.rules) 2824030 - ProApps TROJAN Observed Malicious JS Downloader SSL Cert (trojan.rules) 2824031 - ProApps TROJAN W32.Dreambot Checkin 2 (trojan.rules) 2824032 - ProApps TROJAN W32.Dreambot Downloading TOR Module (trojan.rules) 2824033 - ProApps TROJAN DNS Query to Cerber Domain (obnctf . bid) (trojan.rules) 2824034 - ProApps TROJAN DNS Query to Cerber Domain (kj3f52 . bid) (trojan.rules) 2824035 - ProApps TROJAN DNS Query to Cerber Domain (zgw8bu . top) (trojan.rules) 2824036 - ProApps TROJAN DNS Query to Cerber Domain (rt01jw . top) (trojan.rules) 2824037 - ProApps TROJAN DNS Query to Cerber Domain (4ghwzy . top) (trojan.rules) 2824038 - ProApps TROJAN DNS Query to Cerber Domain (u8e2dz . top) (trojan.rules) 2824039 - ProApps TROJAN DNS Query to Cerber Domain (3m3ngm . top) (trojan.rules) 2824040 - ProApps TROJAN DNS Query to Cerber Domain (eujvrw . bid) (trojan.rules) 2824041 - ProApps TROJAN DNS Query to Cerber Domain (bw9e2z . top) (trojan.rules) 2824042 - ProApps TROJAN DNS Query to Cerber Domain (yl1wg6 . top) (trojan.rules) 2824043 - ProApps TROJAN Win32.Bunitu DNS Lookup (trojan.rules) 2824044 - ProApps TROJAN MSIL/Nucklear Ransomware CnC Checkin (trojan.rules) 2824045 - ProApps CURRENT_EVENTS Successful Zurich Cantonal Bank Phish Dec 23 2016 (current_events.rules) 2824046 - ProApps CURRENT_EVENTS Successful Windows Live Phish Dec 23 2016 (current_events.rules) 2824047 - ProApps CURRENT_EVENTS Successful Poste Italiane Phish Dec 23 2016 (current_events.rules) [+++] Modify rules: 261 [+++] 2020503 - ProApps TROJAN Win32/HydraCrypt CnC Beacon 3 (trojan.rules) 2022906 - ProApps TROJAN Towerweb Ransomware Landing Page (trojan.rules) 2023671 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M3 (trojan.rules) 2023672 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M4 (trojan.rules) 2023673 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M5 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2805919 - ProApps TROJAN CryptoWall Check-in M3 (trojan.rules) 2815121 - ProApps TROJAN Win32/HydraCrypt CnC Beacon 4 (trojan.rules) 2815217 - ProApps TROJAN Deshacop Ransomware CnC Beacon 2 (trojan.rules) 2816796 - ProApps TROJAN Win32/Denisca.A Variant Checkin (trojan.rules) 2819995 - ProApps CURRENT_EVENTS Successful Adobe Phish Apr 29 (current_events.rules) 2820743 - ProApps TROJAN Towerweb Ransomware Ransom Image Download (trojan.rules) 2821175 - ProApps TROJAN Win32/Filecoder.Q Ransomware Checkin (trojan.rules) [+++] Removed rules: 2 [+++] 2016185 - ProApps TROJAN Unknown Ransomware Checkin (trojan.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Thu Dec 22 17:53:54 2016 [***] [+++] Added rules: 29 [+++] 2023677 - ProApps TROJAN Tofsee DGA (2016-12-15 to 2017-05-04) (trojan.rules) 2023678 - ProApps TROJAN Tofsee DGA (2017-05-04 to 2017-11-02) (trojan.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2824008 - ProApps TROJAN DNS Query to Cerber Domain (yjo0z9 . top) (trojan.rules) 2824009 - ProApps TROJAN DNS Query to Cerber Domain (gt6nsg . bid) (trojan.rules) 2824010 - ProApps TROJAN DNS Query to Cerber Domain (ud9z0v . top) (trojan.rules) 2824011 - ProApps TROJAN DNS Query to Cerber Domain (h6dxvo . top) (trojan.rules) 2824012 - ProApps TROJAN DNS Query to Cerber Domain (u8yz5b . top) (trojan.rules) 2824013 - ProApps TROJAN DNS Query to Cerber Domain (j5s57p . bid) (trojan.rules) 2824014 - ProApps TROJAN DNS Query to Cerber Domain (a9glrg . top) (trojan.rules) 2824015 - ProApps TROJAN DNS Query to Cerber Domain (utebcd . top) (trojan.rules) 2824016 - ProApps TROJAN DNS Query to Cerber Domain (et7izd . top) (trojan.rules) 2824017 - ProApps TROJAN DNS Query to Cerber Domain (7pnxn9 . top) (trojan.rules) 2824018 - ProApps TROJAN W32/Pubsapp Checkin (trojan.rules) 2824019 - ProApps CURRENT_EVENTS Successful Google Drive Phish Dec 22 2016 (current_events.rules) 2824020 - ProApps CURRENT_EVENTS Successful Credential Phish (Multiple Brands) Dec 22 2016 (current_events.rules) 2824021 - ProApps CURRENT_EVENTS Successful Sparkasse (DE) Phish Dec 22 2016 (current_events.rules) 2824022 - ProApps TROJAN Hidden Tear .onion Proxy Domain (trojan.rules) [+++] Modify rules: 243 [+++] 2022798 - ProApps TROJAN SHUJIN .onion Payment Page (trojan.rules) 2023482 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 M2 (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3327 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6969 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2815578 - ProApps TROJAN Encryptor Raas .onion Proxy Domain (trojan.rules) 2823539 - ProApps CURRENT_EVENTS Evil scriptjs Redirect to EK Nov 29 2016 (current_events.rules) 2823937 - ProApps CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Dec 21 17:10:37 2016 [***] [+++] Added rules: 19 [+++] 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2823993 - ProApps MALWARE MSIL/Obnovi.B Checkin (malware.rules) 2823994 - ProApps TROJAN MSIL.Dagobert Checkin (trojan.rules) 2823995 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823996 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-21 1) (trojan.rules) 2823997 - ProApps TROJAN DNS Query to Cerber Domain (2wfe60 . top) (trojan.rules) 2823998 - ProApps TROJAN DNS Query to Cerber Domain (af38vz . top) (trojan.rules) 2823999 - ProApps TROJAN DNS Query to Cerber Domain (r31sot . top) (trojan.rules) 2824000 - ProApps TROJAN DNS Query to Cerber Domain (o6fa2g . top) (trojan.rules) 2824001 - ProApps TROJAN DNS Query to Cerber Domain (1bqroa . top) (trojan.rules) 2824002 - ProApps TROJAN DNS Query to Cerber Domain (piv6tv . top) (trojan.rules) 2824003 - ProApps TROJAN DNS Query to Cerber Domain (tih6y9 . top) (trojan.rules) 2824004 - ProApps TROJAN DNS Query to Cerber Domain (f5x6ws . top) (trojan.rules) 2824005 - ProApps TROJAN DNS Query to Cerber Domain (pcwcu6 . bid) (trojan.rules) 2824006 - ProApps TROJAN DNS Query to Cerber Domain (od3rag . top) (trojan.rules) 2824007 - ProApps TROJAN BACKDOOR.FREELOAD Checkin (trojan.rules) [+++] Modify rules: 237 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7777 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2810582 - ProApps TROJAN WIN32/KOVTER.B Checkin 2 (trojan.rules) 2812237 - ProApps CURRENT_EVENTS Possible Successful Generic Phish July 28 (current_events.rules) 2823358 - ProApps CURRENT_EVENTS Successful Credential Phish (Multiple Brands) Nov 18 2016 (current_events.rules) [+++] Removed rules: 1 [+++] 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Tue Dec 20 17:31:41 2016 [***] [+++] Added rules: 34 [+++] 2023674 - ProApps TROJAN Possible Linux.Mirai DaHua Default Credentials Login (trojan.rules) 2023675 - ProApps TROJAN Win32/Braincrypt Ransomware CnC Checkin (trojan.rules) 2023676 - ProApps TROJAN Cerber Bitcoin Address Check (trojan.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2823966 - ProApps DOS CVE-2016-8610 (dos.rules) 2823967 - ProApps CURRENT_EVENTS Successful Etisalat Phish Dec 20 2016 (current_events.rules) 2823968 - ProApps CURRENT_EVENTS Successful DHL Phish Dec 20 2016 (current_events.rules) 2823969 - ProApps CURRENT_EVENTS Successful Alibaba Phish Dec 20 2016 (current_events.rules) 2823970 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) M1 Phish Dec 20 2016 (current_events.rules) 2823971 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) M2 Phish Dec 20 2016 (current_events.rules) 2823972 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) M3 Phish Dec 20 2016 (current_events.rules) 2823973 - ProApps CURRENT_EVENTS Successful Dubai Islamic Internet Bank Phish Dec 20 2016 (current_events.rules) 2823974 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Dec 20 2016 (current_events.rules) 2823975 - ProApps CURRENT_EVENTS Successful International Card Services Phish M1 Dec 20 2016 (current_events.rules) 2823976 - ProApps CURRENT_EVENTS Successful International Card Services Phish M2 Dec 19 2016 (current_events.rules) 2823977 - ProApps TROJAN Aaron Remote Keylogger CnC Domain in SNI (trojan.rules) 2823978 - ProApps TROJAN Aaron Remote Keylogger Checkin (trojan.rules) 2823979 - ProApps TROJAN Zloader/Terdot.A Domain Lookup (trojan.rules) 2823980 - ProApps TROJAN DNS Query to Cerber Domain (z5xfkc . top) (trojan.rules) 2823981 - ProApps TROJAN DNS Query to Cerber Domain (nn2ms2 . top) (trojan.rules) 2823982 - ProApps TROJAN DNS Query to Cerber Domain (ul8hph . top) (trojan.rules) 2823983 - ProApps TROJAN DNS Query to Cerber Domain (tyn5ya . top) (trojan.rules) 2823984 - ProApps TROJAN DNS Query to Cerber Domain (1kvftk . top) (trojan.rules) 2823985 - ProApps TROJAN DNS Query to Cerber Domain (arpbxw . top) (trojan.rules) 2823986 - ProApps TROJAN DNS Query to Cerber Domain (z0mkoc . top) (trojan.rules) 2823987 - ProApps TROJAN DNS Query to Cerber Domain (85xcav . top) (trojan.rules) 2823988 - ProApps TROJAN DNS Query to Cerber Domain (15poas . top) (trojan.rules) 2823989 - ProApps TROJAN DNS Query to Cerber Domain (o08ra6 . top) (trojan.rules) 2823990 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.cg Checkin (mobile_malware.rules) 2823991 - ProApps TROJAN MSIL/CryptoBlock Ransomware CnC Activity (trojan.rules) 2823992 - ProApps TROJAN Nuclear Bot Checkin (trojan.rules) [+++] Modify rules: 250 [+++] 2003626 - ProApps MALWARE Double User-Agent (User-Agent User-Agent) (malware.rules) 2008052 - ProApps MALWARE User-Agent (Internet Explorer) (malware.rules) 2011341 - ProApps TROJAN Suspicious POST With Reference to WINDOWS Folder Possible Malware Infection (trojan.rules) 2014313 - ProApps POLICY Executable Download From DropBox (policy.rules) 2014519 - ProApps INFO EXE - Served Inline HTTP (info.rules) 2022627 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2802102 - ProApps POLICY MOBILE iPhone locationd update to Apple (policy.rules) 2812203 - ProApps TROJAN Nlex TCP CnC Beacon (trojan.rules) 2819971 - ProApps EXPLOIT Dlink dvg_n5402sp Path Traversal Attempt (exploit.rules) 2819973 - ProApps EXPLOIT Dlink dir_300_600 Remote Code Execution Attempt (exploit.rules) 2819982 - ProApps EXPLOIT AirOS 6x Path Traversal (exploit.rules) 2819984 - ProApps EXPLOIT Netgear ProSafe Remote Code Execution Attempt (exploit.rules) 2820308 - ProApps CURRENT_EVENTS Neutrino EK Payload May 23 2016 (current_events.rules) 2821028 - ProApps TROJAN APT.ZeroT CnC Beacon HTTP POST (trojan.rules) 2821731 - ProApps CURRENT_EVENTS MalDoc Request for Payload Aug 17 2016 (current_events.rules) 2822386 - ProApps CURRENT_EVENTS Possible Evil Redirector Leading to EK Oct 04 2016 (BossTDS) M2 (current_events.rules) 2823365 - ProApps TROJAN Godzilla Loader Retrieving Payload (trojan.rules) 2823479 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 M2 (current_events.rules) 2823520 - ProApps CURRENT_EVENTS MalDoc Request for Payload Nov 28 2016 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Dec 19 20:45:43 2016 [***] [+++] Added rules: 60 [+++] 2023658 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023659 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023660 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023661 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023662 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023663 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023664 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023665 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023666 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2023667 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2023668 - ProApps INFO Unconfigured nginx Access (info.rules) 2023669 - ProApps TROJAN Click Fraud Checkin (trojan.rules) 2023670 - ProApps INFO IE7UA No Cookie No Referer (info.rules) 2023671 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M2 (trojan.rules) 2023672 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M3 (trojan.rules) 2023673 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M4 (trojan.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823937 - ProApps CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016 (current_events.rules) 2823938 - ProApps TROJAN VBA/TrojanDownloader.Agent.CEW .onion Proxy Domain (trojan.rules) 2823939 - ProApps CURRENT_EVENTS Obfuscated Phishing Landing Dec 18 2016 (current_events.rules) 2823940 - ProApps TROJAN Obfuscated Phishing Landing Dec 18 (trojan.rules) 2823941 - ProApps POLICY DNS Query to .onion proxy Domain (paysteroptionway.com) (policy.rules) 2823942 - ProApps POLICY DNS Query to .onion proxy Domain (dorfact.at) (policy.rules) 2823943 - ProApps POLICY DNS Query to .onion proxy Domain (flyjo.pl) (policy.rules) 2823944 - ProApps TROJAN Win32.Banker.X Downloading User/Pass List (trojan.rules) 2823945 - ProApps CURRENT_EVENTS Microsoft Office Phishing Landing Dec 18 2016 (current_events.rules) 2823946 - ProApps CURRENT_EVENTS Successful PDF Online Phish Dec 18 2016 (current_events.rules) 2823947 - ProApps TROJAN Zloader/Terdot.A Domain Lookup (trojan.rules) 2823948 - ProApps TROJAN Unknown Checkin (trojan.rules) 2823949 - ProApps TROJAN Unknown Downloading Coinminer Exe (trojan.rules) 2823950 - ProApps TROJAN Unknown Downloading Coinminer Configuration (trojan.rules) 2823951 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.cn SMS Exfil (mobile_malware.rules) 2823952 - ProApps TROJAN MSIL/PUP.Linkury Toolbar Adware (trojan.rules) 2823953 - ProApps MALWARE MSIL/PUP.Wizzcaster MySQL Activity (malware.rules) 2823954 - ProApps TROJAN DNS Query to Cerber Domain (8l4jpw . top) (trojan.rules) 2823955 - ProApps TROJAN DNS Query to Cerber Domain (drg1gf . top) (trojan.rules) 2823956 - ProApps TROJAN DNS Query to Cerber Domain (z20x0r . top) (trojan.rules) 2823957 - ProApps TROJAN DNS Query to Cerber Domain (rmgs2r . top) (trojan.rules) 2823958 - ProApps TROJAN DNS Query to Cerber Domain (ttx0ig . top) (trojan.rules) 2823959 - ProApps TROJAN DNS Query to Cerber Domain (gwz8gh . top) (trojan.rules) 2823960 - ProApps TROJAN DNS Query to Cerber Domain (p3tt2t . top) (trojan.rules) 2823961 - ProApps TROJAN DNS Query to Cerber Domain (vtwyjd . top) (trojan.rules) 2823962 - ProApps TROJAN DNS Query to Cerber Domain (3pxhgt . top) (trojan.rules) 2823963 - ProApps TROJAN DNS Query to Cerber Domain (rzt69n . top) (trojan.rules) 2823964 - ProApps MOBILE_MALWARE Android.Trojan.AutoSMS.RZ Contacts Exfil via SMTP (mobile_malware.rules) 2823965 - ProApps CURRENT_EVENTS Successful Paypal (DE) Phish Dec 19 2016 (current_events.rules) [+++] Modify rules: 257 [+++] 2003337 - ProApps MALWARE Suspicious User Agent (Autoupdate) (malware.rules) 2013721 - ProApps TROJAN Suspicious User-Agent (WindowsNT) With No Separating Space (trojan.rules) 2023144 - ProApps TROJAN AgentTesla PWS HTTP CnC Checkin (trojan.rules) 2023344 - ProApps TROJAN APT28 DealersChoice.B DNS Lookup (appexsrv .net) (trojan.rules) 2023594 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7777 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2812237 - ProApps CURRENT_EVENTS Possible Successful Generic Phish July 28 (current_events.rules) 2822570 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 11 2016 (current_events.rules) 2823674 - ProApps TROJAN W32/Quasar 1.3 RAT MiscHandler HTTP Pattern (trojan.rules) [+++] Removed rules: 16 [+++] 2011295 - ProApps TROJAN Butterfly/Mariposa Bot client init connection (trojan.rules) 2800286 - ProApps EXPLOIT Microsoft Active Directory LDAP Query Handling (exploit.rules) 2800725 - ProApps DOS Microsoft Windows MSDTC Denial of Service Vulnerability (dos.rules) 2814991 - ProApps CURRENT_EVENTS fake .jpg encrypted binary download request by VBA macro (current_events.rules) 2819782 - ProApps TROJAN CrimeScene Mailer Requesting Config (trojan.rules) 2822244 - ProApps TROJAN MSIL.ShopBot.avf Downloader URI Geo Request (set) (trojan.rules) 2823075 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823587 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823588 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823589 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823609 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823610 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823611 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823612 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823771 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823913 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) [***] ProApps Security IDS Rules Changelog started Fri Dec 16 16:28:12 2016 [***] [+++] Added rules: 29 [+++] 2023656 - ProApps TROJAN TeleBots VBS Backdoor CnC Beacon 2 (trojan.rules) 2023657 - ProApps CURRENT_EVENTS Microsoft Edge SmartScreen Page Spoof Attempt Dec 16 2016 (current_events.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2823913 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823914 - ProApps TROJAN VBS/GGLDR Sending Info (trojan.rules) 2823915 - ProApps TROJAN VBS/GGLDR CnC Beacon (trojan.rules) 2823916 - ProApps TROJAN TrickLoader User-Agent Observed (trojan.rules) 2823917 - ProApps TROJAN APT.Rexpot Variant CnC Beacon (trojan.rules) 2823918 - ProApps TROJAN NanoCore RAT CnC 22 (trojan.rules) 2823919 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 16 2016 (current_events.rules) 2823920 - ProApps TROJAN DNS Query to Cerber Domain (4d0934 . bid) (trojan.rules) 2823921 - ProApps TROJAN DNS Query to Cerber Domain (w2fzwt . top) (trojan.rules) 2823922 - ProApps TROJAN DNS Query to Cerber Domain (glg1i0 . top) (trojan.rules) 2823923 - ProApps TROJAN DNS Query to Cerber Domain (uld7hk . top) (trojan.rules) 2823924 - ProApps TROJAN DNS Query to Cerber Domain (fwzxnb . bid) (trojan.rules) 2823925 - ProApps TROJAN DNS Query to Cerber Domain (19h8gc . top) (trojan.rules) 2823926 - ProApps TROJAN DNS Query to Cerber Domain (x29u3i . top) (trojan.rules) 2823927 - ProApps TROJAN DNS Query to Cerber Domain (smd95z . top) (trojan.rules) 2823928 - ProApps TROJAN DNS Query to Cerber Domain (ovzy6p . top) (trojan.rules) 2823929 - ProApps TROJAN DNS Query to Cerber Domain (8dlgyg . bid) (trojan.rules) 2823930 - ProApps MALWARE MSIL/TrojanDownloader.AdLoad.AZ Activity (malware.rules) 2823931 - ProApps CURRENT_EVENTS Successful Dropbox Phish Dec 16 2016 (current_events.rules) 2823932 - ProApps CURRENT_EVENTS Successful Chase Phish Dec 16 2016 (current_events.rules) 2823933 - ProApps CURRENT_EVENTS Successful University of Southern California Phish Dec 16 2016 (current_events.rules) 2823934 - ProApps CURRENT_EVENTS Possible Successful *.myjimo.ru Phish Dec 16 2016 (current_events.rules) 2823935 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bh Checkin via UDP (mobile_malware.rules) 2823936 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bh Checkin (mobile_malware.rules) [+++] Modify rules: 216 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2812045 - ProApps MOBILE_MALWARE Android.Trojan.AndroRAT.E Keep Alive (mobile_malware.rules) 2823357 - ProApps CURRENT_EVENTS Successful Linkedin Phish Nov 18 2016 (current_events.rules) 2823702 - ProApps TROJAN MSIL/Popcorn Ransomware Requesting Image (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Dec 15 17:08:13 2016 [***] [+++] Added rules: 42 [+++] 2023652 - ProApps TROJAN TeleBots BCS-server CnC Beacon (trojan.rules) 2023653 - ProApps TROJAN TeleBots BCS-server User-Agent (trojan.rules) 2023654 - ProApps TROJAN TeleBots VBS Backdoor CnC Beacon 1 (trojan.rules) 2023655 - ProApps TROJAN Ransomware Maktub .onion Payment Domain (maktubebz6z6cgtw) (trojan.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2823881 - ProApps MOBILE_MALWARE Possible Malvertising Redirection for iOS (mobile_malware.rules) 2823882 - ProApps TROJAN Win32/Sage Ransomware CnC Beacon (trojan.rules) 2823883 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2823884 - ProApps TROJAN DNS Query to Cerber Domain (pfw1bw . bid) (trojan.rules) 2823885 - ProApps TROJAN DNS Query to Cerber Domain (dgjpgy . top) (trojan.rules) 2823886 - ProApps TROJAN DNS Query to Cerber Domain (yur4j5 . top) (trojan.rules) 2823887 - ProApps TROJAN DNS Query to Cerber Domain (ncw0rp . top) (trojan.rules) 2823888 - ProApps TROJAN DNS Query to Cerber Domain (xe1ws1 . top) (trojan.rules) 2823889 - ProApps TROJAN DNS Query to Cerber Domain (llt6up . top) (trojan.rules) 2823890 - ProApps TROJAN DNS Query to Cerber Domain (dc2djf . top) (trojan.rules) 2823891 - ProApps TROJAN DNS Query to Cerber Domain (zee0xr . top) (trojan.rules) 2823892 - ProApps TROJAN DNS Query to Cerber Domain (p161bl . top) (trojan.rules) 2823893 - ProApps TROJAN DNS Query to Cerber Domain (rjf9yn . top) (trojan.rules) 2823894 - ProApps CURRENT_EVENTS Magnitude EK Landing Dec 14 2016 (current_events.rules) 2823895 - ProApps TROJAN Zloader/Terdot.A Domain Lookup (trojan.rules) 2823896 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823897 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823898 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823899 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823900 - ProApps WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 1 (web_client.rules) 2823901 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823902 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 15 2016 (current_events.rules) 2823903 - ProApps CURRENT_EVENTS Successful BB&T Bank Phish Dec 15 2016 (current_events.rules) 2823904 - ProApps CURRENT_EVENTS Successful Amazon (FR) Phish Dec 15 2016 (current_events.rules) 2823905 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M1 Phish Dec 15 2016 (current_events.rules) 2823906 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M2 Dec 15 2016 (current_events.rules) 2823907 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M3 Dec 15 2016 (current_events.rules) 2823908 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M4 Dec 15 2016 (current_events.rules) 2823909 - ProApps CURRENT_EVENTS Successful Alibaba Phish Dec 15 2016 (current_events.rules) 2823910 - ProApps CURRENT_EVENTS Mailbox Deactivation Phishing Landing Dec 15 2016 (current_events.rules) 2823911 - ProApps CURRENT_EVENTS Successful Mailbox Deactivation Phish Dec 15 2016 (current_events.rules) 2823912 - ProApps CURRENT_EVENTS Google Drive Phishing Landing Redirect Dec 15 2016 (current_events.rules) [+++] Modify rules: 214 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2808644 - ProApps TROJAN Win32/Hupigon.NYK Checkin (trojan.rules) 2822435 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Oct 06 2016 (current_events.rules) 2822665 - ProApps CURRENT_EVENTS Successful Amazon (UK) Phish Oct 17 2016 (current_events.rules) 2823832 - ProApps WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 1 (web_client.rules) 2823833 - ProApps WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 2 (web_client.rules) 2823861 - ProApps CURRENT_EVENTS Successful Captcha Entered Leading to Ursnif Download Dec 13 2016 (current_events.rules) 2823862 - ProApps TROJAN Zipped JS Ursnif Downloaded Dec 13 2016 (trojan.rules) [+++] Removed rules: 1 [+++] 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Wed Dec 14 16:28:27 2016 [***] [+++] Added rules: 38 [+++] 2023640 - ProApps INFO Noction IRP Probe (info.rules) 2023641 - ProApps TROJAN NEODYMIUM Wingbird DNS Lookup (srv601 .ddns.net) (trojan.rules) 2023642 - ProApps TROJAN NEODYMIUM Wingbird DNS Lookup (srv602 .ddns.net) (trojan.rules) 2023643 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (updatesync .com) (trojan.rules) 2023644 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (svnservices .com) (trojan.rules) 2023645 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (mynetenergy .com) (trojan.rules) 2023646 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (windriversupport .com) (trojan.rules) 2023647 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (truecrypte .org) (trojan.rules) 2023648 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (edicupd002 .com) (trojan.rules) 2023649 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (jourrapid .com) (trojan.rules) 2023650 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (true-crypte .website) (trojan.rules) 2023651 - ProApps TROJAN PROMETHIUM/StrongPity DNS Lookup (myrappid .com) (trojan.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2823860 - ProApps CURRENT_EVENTS Drivesafe.org.uk Phishing Landing Dec 13 2016 (current_events.rules) 2823861 - ProApps CURRENT_EVENTS Successful Captcha Entered Leading to Ursnif Download Dec 13 2016 (current_events.rules) 2823862 - ProApps TROJAN Zipped JS Ursnif Downloaded Dec 13 2016 (trojan.rules) 2823863 - ProApps TROJAN Possible Ursnif Tor Module Download (trojan.rules) 2823864 - ProApps TROJAN Possible Ursnif Tor Module Download (trojan.rules) 2823865 - ProApps TROJAN DNS Query to Cerber Domain (htbzl2 . top) (trojan.rules) 2823866 - ProApps TROJAN DNS Query to Cerber Domain (rovr6i . top) (trojan.rules) 2823867 - ProApps TROJAN DNS Query to Cerber Domain (5s96fr . top) (trojan.rules) 2823868 - ProApps TROJAN DNS Query to Cerber Domain (tidldc . top) (trojan.rules) 2823869 - ProApps TROJAN DNS Query to Cerber Domain (0cgaez . top) (trojan.rules) 2823870 - ProApps TROJAN DNS Query to Cerber Domain (eu2xdg . top) (trojan.rules) 2823871 - ProApps TROJAN DNS Query to Cerber Domain (dj68hn . top) (trojan.rules) 2823872 - ProApps TROJAN DNS Query to Cerber Domain (45yu0p . bid) (trojan.rules) 2823873 - ProApps TROJAN DNS Query to Cerber Domain (djiag3 . top) (trojan.rules) 2823874 - ProApps TROJAN DNS Query to Cerber Domain (d7h6yx . top) (trojan.rules) 2823875 - ProApps CURRENT_EVENTS Successful HM Revenue Phish Dec 14 2016 (current_events.rules) 2823876 - ProApps CURRENT_EVENTS HM Revenue Phishing Landing Dec 14 2016 (current_events.rules) 2823877 - ProApps CURRENT_EVENTS Successful Discover Phish M1 Dec 14 2016 (current_events.rules) 2823878 - ProApps CURRENT_EVENTS Successful Discover Phish M2 Dec 14 2016 (current_events.rules) 2823879 - ProApps CURRENT_EVENTS Successful Discover Phish M3 Dec 14 2016 (current_events.rules) 2823880 - ProApps TROJAN Instagram Bot Retrieving Configuration (trojan.rules) [+++] Modify rules: 210 [+++] 2023611 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 107 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2812406 - ProApps TROJAN Win32/Venik CnC Beacon (trojan.rules) 2814194 - ProApps TROJAN Win32/Qbot Variant Exfil via FTP (trojan.rules) 2816469 - ProApps TROJAN Ursnif Exfil via UDP (trojan.rules) 2823251 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 (current_events.rules) 2823479 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 M2 (current_events.rules) 2823858 - ProApps TROJAN W32.Shigo Ransomware Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Dec 13 17:21:12 2016 [***] [+++] Added rules: 61 [+++] 2023629 - ProApps INFO Suspicious Empty SSL Certificate - Observed in Cobalt Strike (info.rules) 2023630 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023631 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023632 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023633 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023634 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023635 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023636 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023637 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023638 - ProApps CURRENT_EVENTS Common Phishing Redirect Dec 13 2016 (current_events.rules) 2023639 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2823813 - ProApps CURRENT_EVENTS Successful Telstra Refund Phish Dec 13 2016 (current_events.rules) 2823814 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M1 Dec 13 2016 (current_events.rules) 2823815 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M2 Dec 13 2016 (current_events.rules) 2823816 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M3 Dec 13 2016 (current_events.rules) 2823817 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Dec 13 2016 (current_events.rules) 2823818 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Dec 13 2016 (current_events.rules) 2823819 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Dec 13 2016 (current_events.rules) 2823820 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Dec 13 2016 (current_events.rules) 2823821 - ProApps CURRENT_EVENTS Successful Paypal Phish M5 Dec 13 2016 (current_events.rules) 2823822 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish Dec 13 2016 (current_events.rules) 2823823 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Dec 13 2016 (current_events.rules) 2823824 - ProApps CURRENT_EVENTS Successful Chase Phish Dec 13 2016 (current_events.rules) 2823825 - ProApps TROJAN MSIL/Revenge-RAT CnC Checkin (trojan.rules) 2823826 - ProApps TROJAN MSIL/Revenge-RAT Keep-Alive Activity (Outbound) (trojan.rules) 2823827 - ProApps TROJAN MSIL/Revenge-RAT Keep-Alive Activity (Inbound) (trojan.rules) 2823828 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow M2 (CVE-2016-7202) (web_client.rules) 2823829 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow M3 (CVE-2016-7202) (web_client.rules) 2823830 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow M4 (CVE-2016-7202) (web_client.rules) 2823831 - ProApps EXPLOIT Microsoft Edge CSS History Information Disclosure Vulnerability (CVE-2016-7206) (exploit.rules) 2823832 - ProApps WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 1 (web_client.rules) 2823833 - ProApps WEB_CLIENT Windows Graphics RCE (CVE-2016-7272) 2 (web_client.rules) 2823834 - ProApps WEB_CLIENT Possible Microsoft Edge XSS Request Inbound (CVE-2016-7280) (web_client.rules) 2823835 - ProApps WEB_CLIENT Microsoft Edge Security Feature Bypass (CVE-2016-7282) (web_client.rules) 2823836 - ProApps EXPLOIT Microsoft Internet Explorer Memory Corruption Vulnerability in DrawMultiple Payloads (CVE-2016-7283) (exploit.rules) 2823837 - ProApps EXPLOIT Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286) (exploit.rules) 2823838 - ProApps WEB_CLIENT Possible Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7287) (web_client.rules) 2823839 - ProApps WEB_CLIENT Possible Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288) (web_client.rules) 2823840 - ProApps WEB_CLIENT Microsoft Edge Chakra RCE Vulnerability (CVE-2016-7297) (web_client.rules) 2823841 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bt Checkin (mobile_malware.rules) 2823842 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bt Checkin 2 (mobile_malware.rules) 2823843 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.bt Checkin 3 (mobile_malware.rules) 2823844 - ProApps TROJAN DNS Query to Cerber Domain (m20ehf . top) (trojan.rules) 2823845 - ProApps TROJAN DNS Query to Cerber Domain (lbxvhk . top) (trojan.rules) 2823846 - ProApps TROJAN DNS Query to Cerber Domain (g0lpnj . bid) (trojan.rules) 2823847 - ProApps TROJAN DNS Query to Cerber Domain (3peyo3 . bid) (trojan.rules) 2823848 - ProApps TROJAN DNS Query to Cerber Domain (17rmvr . top) (trojan.rules) 2823849 - ProApps TROJAN DNS Query to Cerber Domain (85kvie . top) (trojan.rules) 2823850 - ProApps TROJAN DNS Query to Cerber Domain (hmjwi2 . bid) (trojan.rules) 2823851 - ProApps TROJAN DNS Query to Cerber Domain (x9ap4h . top) (trojan.rules) 2823852 - ProApps TROJAN DNS Query to Cerber Domain (zj1ffv . top) (trojan.rules) 2823853 - ProApps TROJAN DNS Query to Cerber Domain (bhynoo . top) (trojan.rules) 2823854 - ProApps CURRENT_EVENTS SunDown EK Landing Dec 13 2016 (current_events.rules) 2823855 - ProApps CURRENT_EVENTS SunDown EK Flash Exploit Dec 13 2016 (current_events.rules) 2823856 - ProApps CURRENT_EVENTS SunDown EK Payload Dec 13 2016 (current_events.rules) 2823857 - ProApps CURRENT_EVENTS SunDown EK Payload Dec 13 2016 M2 (current_events.rules) 2823858 - ProApps TROJAN W32.Shigo Ransomware Checkin (trojan.rules) 2823859 - ProApps TROJAN MSIL/Unknown HTTP PWS Exfil (trojan.rules) [+++] Modify rules: 205 [+++] 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules) 2823077 - ProApps CURRENT_EVENTS GreenFlash SunDown EK Flash Exploit (current_events.rules) 2823482 - ProApps CURRENT_EVENTS Successful Alibaba Phish Nov 28 2016 (current_events.rules) 2823788 - ProApps TROJAN DNSChanger Rogue DNS Server (A Lookup) (trojan.rules) [+++] Removed rules: 2 [+++] 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2822815 - ProApps INFO Suspicious Empty SSL Certificate - Observed in Cobalt Strike (info.rules) [***] ProApps Security IDS Rules Changelog started Mon Dec 12 16:39:25 2016 [***] [+++] Added rules: 72 [+++] 2023599 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023600 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023601 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023602 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023603 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023604 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023605 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023606 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023607 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023608 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023609 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023610 - ProApps TROJAN Mirai Botnet Domain Observed (trojan.rules) 2023611 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 107 (trojan.rules) 2023612 - ProApps TROJAN Ransomware/Cerber Checkin M3 (1) (trojan.rules) 2023613 - ProApps TROJAN Ransomware/Cerber Checkin M3 (2) (trojan.rules) 2023614 - ProApps TROJAN Ransomware/Cerber Checkin M3 (3) (trojan.rules) 2023615 - ProApps TROJAN Ransomware/Cerber Checkin M3 (4) (trojan.rules) 2023616 - ProApps TROJAN Ransomware/Cerber Checkin M3 (5) (trojan.rules) 2023617 - ProApps TROJAN Ransomware/Cerber Checkin M3 (6) (trojan.rules) 2023618 - ProApps TROJAN Ransomware/Cerber Checkin M3 (7) (trojan.rules) 2023619 - ProApps TROJAN Ransomware/Cerber Checkin M3 (8) (trojan.rules) 2023620 - ProApps TROJAN Ransomware/Cerber Checkin M3 (9) (trojan.rules) 2023621 - ProApps TROJAN Ransomware/Cerber Checkin M3 (10) (trojan.rules) 2023622 - ProApps TROJAN Ransomware/Cerber Checkin M3 (11) (trojan.rules) 2023623 - ProApps TROJAN Ransomware/Cerber Checkin M3 (12) (trojan.rules) 2023624 - ProApps TROJAN Ransomware/Cerber Checkin M3 (13) (trojan.rules) 2023625 - ProApps TROJAN Ransomware/Cerber Checkin M3 (14) (trojan.rules) 2023626 - ProApps TROJAN Ransomware/Cerber Checkin M3 (15) (trojan.rules) 2023627 - ProApps TROJAN Ransomware/Cerber Checkin M3 (16) (trojan.rules) 2023628 - ProApps EXPLOIT Netgear R7000 Command Injection Exploit (exploit.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823777 - ProApps CURRENT_EVENTS Successful Banque Populaire (FR) Phish Dec 12 2016 (current_events.rules) 2823778 - ProApps CURRENT_EVENTS Successful Electric Ireland Payment Phish Dec 12 2016 (current_events.rules) 2823779 - ProApps CURRENT_EVENTS Successful Spyus Phish (Multiple Brands) M1 Dec 12 2016 (current_events.rules) 2823780 - ProApps CURRENT_EVENTS Successful Spyus Phish (Multiple Brands) M2 Dec 12 2016 (current_events.rules) 2823781 - ProApps CURRENT_EVENTS Successful Ebay Phish Dec 12 2016 (current_events.rules) 2823782 - ProApps CURRENT_EVENTS Successful Chase Phishing Dec 12 2016 (current_events.rules) 2823783 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 12 2016 (current_events.rules) 2823784 - ProApps TROJAN PCRat/Gh0st CnC Beacon (spaces variant) (trojan.rules) 2823785 - ProApps MOBILE_MALWARE Android.Trojan.SMSSend.IA Checkin 4 (mobile_malware.rules) 2823786 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823787 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823788 - ProApps TROJAN DNSChanger Rogue DNS Server (A Lookup) (trojan.rules) 2823789 - ProApps MOBILE_MALWARE Android.Trojan.Uten.AA Checkin (mobile_malware.rules) 2823790 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823791 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823792 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823793 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823794 - ProApps TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823795 - ProApps TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823796 - ProApps TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823797 - ProApps TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823798 - ProApps TROJAN APT28 Azzy DNS Lookup (trojan.rules) 2823799 - ProApps TROJAN APT28 Uploader DNS Lookup (trojan.rules) 2823800 - ProApps TROJAN DNS Query to Cerber Domain (3pfli8 . top) (trojan.rules) 2823801 - ProApps TROJAN DNS Query to Cerber Domain (582h0n . top) (trojan.rules) 2823802 - ProApps TROJAN DNS Query to Cerber Domain (ekll3z . top) (trojan.rules) 2823803 - ProApps TROJAN DNS Query to Cerber Domain (g5b4b1 . bid) (trojan.rules) 2823804 - ProApps TROJAN DNS Query to Cerber Domain (ujc6h3 . top) (trojan.rules) 2823805 - ProApps TROJAN DNS Query to Cerber Domain (wmvsh0 . top) (trojan.rules) 2823806 - ProApps TROJAN DNS Query to Cerber Domain (v8j99w . top) (trojan.rules) 2823807 - ProApps TROJAN DNS Query to Cerber Domain (8699s9 . bid) (trojan.rules) 2823808 - ProApps TROJAN DNS Query to Cerber Domain (bvy5wt . top) (trojan.rules) 2823809 - ProApps TROJAN DNS Query to Cerber Domain (cc6dh3 . top) (trojan.rules) 2823810 - ProApps TROJAN MSIL.Alma Stealer User-Agent (trojan.rules) 2823811 - ProApps CURRENT_EVENTS DNSChanger EK DNS Reply Adfraud Server 1 Dec 12 2016 (current_events.rules) 2823812 - ProApps CURRENT_EVENTS DNSChanger EK DNS Reply Adfraud Server 2 Dec 12 2016 (current_events.rules) [+++] Modify rules: 234 [+++] 2018449 - ProApps TROJAN Potential Sefnit C2 traffic (from server) (trojan.rules) 2022894 - ProApps CURRENT_EVENTS SUSPICIOUS Firesale gTLD IE Flash request to set non-standard filename (some overlap with 2021752) (current_events.rules) 2022896 - ProApps CURRENT_EVENTS SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016 (current_events.rules) 2023583 - ProApps TROJAN Possible Locky JS Downloading Payload Dec 06 2016 (trojan.rules) 2023594 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2820495 - ProApps MOBILE_MALWARE Android/UpdtKiller.M Checkin (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2019706 - ProApps WEB_CLIENT Possible Internet Explorer VBscript failure to handle error case information disclosure CVE-2014-6332 (web_client.rules) [***] ProApps Security IDS Rules Changelog started Fri Dec 9 17:53:24 2016 [***] [+++] Added rules: 46 [+++] 2023594 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 (trojan.rules) 2023595 - ProApps TROJAN Trojan.Kwampirs Outbound GET request (trojan.rules) 2023596 - ProApps CURRENT_EVENTS Possible Linkedin Phishing Domain Dec 09 2016 (current_events.rules) 2023597 - ProApps POLICY DNS Query to .onion proxy Domain (anonym.to) (policy.rules) 2023598 - ProApps TROJAN JS/WSF Downloader Dec 08 2016 M2 (trojan.rules) 2823736 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823737 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823738 - ProApps TROJAN MSIL/Xbot Ransomware CnC Checkin (trojan.rules) 2823739 - ProApps CURRENT_EVENTS Stripe Phishing Landing Dec 09 2016 (current_events.rules) 2823740 - ProApps CURRENT_EVENTS Successful Stripe Phish Dec 09 2016 (current_events.rules) 2823741 - ProApps CURRENT_EVENTS Successful CapitalOne Phish Dec 09 2016 (current_events.rules) 2823742 - ProApps CURRENT_EVENTS Successful HSBC Phish Dec 09 2016 (current_events.rules) 2823743 - ProApps CURRENT_EVENTS Successful Paypal Phish Dec 09 2016 (current_events.rules) 2823744 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Dec 09 2016 (current_events.rules) 2823745 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Dec 09 2016 (current_events.rules) 2823746 - ProApps CURRENT_EVENTS Successful Linkedin Phish Dec 09 2016 (current_events.rules) 2823747 - ProApps CURRENT_EVENTS Javascript XOR Encoding - Observed in Apple Phishing Dec 08 2016 (current_events.rules) 2823748 - ProApps CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823749 - ProApps CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823750 - ProApps CURRENT_EVENTS Likely Phishing DNS Lookup (Fake MS Service) (current_events.rules) 2823751 - ProApps TROJAN Win32.Scar.olyu .onion Proxy Domain (trojan.rules) 2823752 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-09 1) (trojan.rules) 2823753 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-09 2) (trojan.rules) 2823754 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-09 3) (trojan.rules) 2823755 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-09 4) (trojan.rules) 2823756 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (bHVmZnkuRU1IQzE6RU1IQw==) (trojan.rules) 2823757 - ProApps TROJAN GootKit Activity Logs (trojan.rules) 2823758 - ProApps TROJAN DNS Query to Cerber Domain (tse45f . top) (trojan.rules) 2823759 - ProApps TROJAN DNS Query to Cerber Domain (voxmff . top) (trojan.rules) 2823760 - ProApps TROJAN DNS Query to Cerber Domain (3vjkdo . top) (trojan.rules) 2823761 - ProApps TROJAN DNS Query to Cerber Domain (2fu7bc . top) (trojan.rules) 2823762 - ProApps TROJAN DNS Query to Cerber Domain (4h16v3 . top) (trojan.rules) 2823763 - ProApps TROJAN DNS Query to Cerber Domain (5m2n7x . top) (trojan.rules) 2823764 - ProApps TROJAN DNS Query to Cerber Domain (c8jxpp . top) (trojan.rules) 2823765 - ProApps TROJAN DNS Query to Cerber Domain (gutwj0 . top) (trojan.rules) 2823766 - ProApps TROJAN DNS Query to Cerber Domain (odmtu3 . top) (trojan.rules) 2823767 - ProApps TROJAN DNS Query to Cerber Domain (83zw1f . bid) (trojan.rules) 2823768 - ProApps TROJAN MSIL/Bladabindi/njRAT Variant CnC Checkin (asdf) (trojan.rules) 2823769 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823770 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules) 2823771 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823772 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823773 - ProApps TROJAN APT28 XAgent SSL Cert (trojan.rules) 2823774 - ProApps TROJAN APT28 Uploader SSL Cert (trojan.rules) 2823775 - ProApps TROJAN Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2823776 - ProApps CURRENT_EVENTS Successful Password Protected AMEX Phish Dec 09 2016 (current_events.rules) [+++] Modify rules: 206 [+++] 2023553 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a Checkin (mobile_malware.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2807443 - ProApps MOBILE_MALWARE Trojan-SMS.AndroidOS.Svpeng.a Checkin (mobile_malware.rules) 2815781 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Jan 14 (current_events.rules) 2820364 - ProApps CURRENT_EVENTS Possible Successful Generic Phish May 26 (current_events.rules) 2820803 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Jun 22 (current_events.rules) 2823145 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow M1 (CVE-2016-7202) (web_client.rules) 2823343 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823344 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823345 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823443 - ProApps TROJAN APT28/SEDNIT Uploader Variant DNS Lookup (trojan.rules) 2823625 - ProApps TROJAN SNATCH Loader CnC Beacon (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Dec 8 17:49:23 2016 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 1 [+++] 2823723 - ProApps TROJAN W32.Samsa Checkin via Tor2web (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Dec 8 17:13:55 2016 [***] [+++] Added rules: 52 [+++] 2023589 - ProApps TROJAN Ransomware Popcorn-Time .onion Payment Domain (3hnuhydu4pd247qb) (trojan.rules) 2023590 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) 2023591 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) 2023592 - ProApps CURRENT_EVENTS Successful iCloud Phish Oct 10 2016 (current_events.rules) 2023593 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2823690 - ProApps CURRENT_EVENTS Successful Yahoo Phish Dec 08 2016 (current_events.rules) 2823691 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) Phish M1 Dec 08 2016 (current_events.rules) 2823692 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) Phish M2 Dec 08 2016 (current_events.rules) 2823693 - ProApps CURRENT_EVENTS Successful Free Mobile (FR) Phish Dec 08 2016 (current_events.rules) 2823694 - ProApps CURRENT_EVENTS Successful DHL Phish Dec 06 2016 (current_events.rules) 2823695 - ProApps CURRENT_EVENTS Successful Personalized Excel Online Phish Dec 06 2016 (current_events.rules) 2823696 - ProApps CURRENT_EVENTS Successful Facebook (TR) Phish Dec 06 2016 (current_events.rules) 2823697 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Dec 07 2016 (current_events.rules) 2823698 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 07 2016 (current_events.rules) 2823699 - ProApps CURRENT_EVENTS Successful OneDrive Phish Dec 07 2016 (current_events.rules) 2823700 - ProApps CURRENT_EVENTS Successful Excel Online Phish Dec 07 2016 (current_events.rules) 2823701 - ProApps CURRENT_EVENTS Successful Office 365 Phish Dec 07 2016 (current_events.rules) 2823702 - ProApps TROJAN MSIL/Popcorn Ransomware Requesting Image (trojan.rules) 2823703 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2823704 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2823705 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2823706 - ProApps TROJAN Donoff .onion Proxy Domain (trojan.rules) 2823707 - ProApps TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823708 - ProApps TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823709 - ProApps TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823710 - ProApps TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823711 - ProApps TROJAN APT28 (Likely Phishing) DNS Lookup (trojan.rules) 2823712 - ProApps TROJAN W32.Bestafera Checkin 2 (trojan.rules) 2823713 - ProApps MALWARE Win32/Adware.Weiduan Variant Checkin (malware.rules) 2823714 - ProApps MALWARE Win32/Adware.Weiduan Variant Installed (malware.rules) 2823715 - ProApps MALWARE Win32/Adware.Weiduan Initial Module Request (malware.rules) 2823716 - ProApps MALWARE Win32/Adware.Weiduan Module Request (malware.rules) 2823717 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823718 - ProApps TROJAN Possible Zcrypt Ransomware Variant .onion Proxy Domain (trojan.rules) 2823719 - ProApps TROJAN VBA/TrojanDownloader.Agent.CCD .onion Proxy Domain (trojan.rules) 2823720 - ProApps MOBILE_MALWARE Android/Spy.Kasandra.A .onion Proxy Domain (mobile_malware.rules) 2823721 - ProApps TROJAN Donoff .onion Proxy Domain (trojan.rules) 2823722 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw Checkin via SMTP (mobile_malware.rules) 2823723 - ProApps TROJAN W32.Samsa Checkin via Tor2web (trojan.rules) 2823724 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Dec 08 2016 M1 (current_events.rules) 2823725 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Dec 08 2016 M2 (current_events.rules) 2823726 - ProApps TROJAN DNS Query to Cerber Domain (r3b2sh . top) (trojan.rules) 2823727 - ProApps TROJAN DNS Query to Cerber Domain (63rx85 . top) (trojan.rules) 2823728 - ProApps TROJAN DNS Query to Cerber Domain (bvbg1l . top) (trojan.rules) 2823729 - ProApps TROJAN DNS Query to Cerber Domain (jnv1df . top) (trojan.rules) 2823730 - ProApps TROJAN DNS Query to Cerber Domain (ucrw57 . top) (trojan.rules) 2823731 - ProApps TROJAN DNS Query to Cerber Domain (x83zw1 . top) (trojan.rules) 2823732 - ProApps TROJAN DNS Query to Cerber Domain (bdlvdy . top) (trojan.rules) 2823733 - ProApps TROJAN DNS Query to Cerber Domain (fytfiy . top) (trojan.rules) 2823734 - ProApps TROJAN DNS Query to Cerber Domain (t8rizh . top) (trojan.rules) 2823735 - ProApps TROJAN DNS Query to Cerber Domain (otruw6 . top) (trojan.rules) [+++] Modify rules: 199 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2821884 - ProApps TROJAN Tardar Exfiltration CnC Beacon M1 (trojan.rules) 2821885 - ProApps TROJAN Tardar Exfiltration CnC Beacon M2 (trojan.rules) 2822235 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phishing M1 Sept 26 2016 (current_events.rules) 2822499 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Oct 07 2016 (current_events.rules) 2822942 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 27 2016 (current_events.rules) [+++] Removed rules: 4 [+++] 2822550 - ProApps CURRENT_EVENTS Successful iCloud Phish Oct 10 2016 (current_events.rules) 2823148 - ProApps EXPLOIT Possible Win32k UAF Information Disclosure Exe Inbound (CVE-2016-7214) (exploit.rules) 2823567 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) 2823568 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed Dec 7 16:53:54 2016 [***] [+++] Added rules: 32 [+++] 2023588 - ProApps TROJAN Trojan.Win32.Qadars Checkin (trojan.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2823661 - ProApps TROJAN APT28 Uploader Variant CnC Beacon (trojan.rules) 2823662 - ProApps TROJAN APT28 Uploader Variant Fake Request to Google (trojan.rules) 2823663 - ProApps MALWARE Win32.Addrop Checkin (malware.rules) 2823664 - ProApps CURRENT_EVENTS Successful WhatsApp Phish M1 Dec 07 2016 (current_events.rules) 2823665 - ProApps CURRENT_EVENTS Successful WhatsApp Phish M2 Dec 07 2016 (current_events.rules) 2823666 - ProApps CURRENT_EVENTS Successful Google Drive Phish Dec 07 2016 (current_events.rules) 2823667 - ProApps CURRENT_EVENTS Successful Dropbox Phish Dec 07 2016 (current_events.rules) 2823668 - ProApps CURRENT_EVENTS Successful Linkedin Phish Dec 07 2016 (current_events.rules) 2823669 - ProApps CURRENT_EVENTS Successful Chase Phish M1 Dec 07 2016 (current_events.rules) 2823670 - ProApps CURRENT_EVENTS Successful Chase Phish M2 Dec 07 2016 (current_events.rules) 2823671 - ProApps TROJAN LatentBot HTTP POST Checkin 2 (trojan.rules) 2823672 - ProApps TROJAN LatentBot HTTP POST CnC (trojan.rules) 2823673 - ProApps CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc Downloader) (current_events.rules) 2823674 - ProApps TROJAN W32/Quasar 1.3 RAT MiscHandler HTTP Pattern (trojan.rules) 2823675 - ProApps TROJAN W32/Quasar 1.3 RAT Connectivity Check 2 (trojan.rules) 2823676 - ProApps TROJAN W32/Quasar 1.3 RAT Connectivity Check (trojan.rules) 2823677 - ProApps TROJAN MSIL.Unknown Reporting Install Error (trojan.rules) 2823678 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.eg Contacts Exfil via SMTP (mobile_malware.rules) 2823679 - ProApps TROJAN DNS Query to Cerber Domain (8g1k17 . bid) (trojan.rules) 2823680 - ProApps TROJAN DNS Query to Cerber Domain (rssh3l . bid) (trojan.rules) 2823681 - ProApps TROJAN DNS Query to Cerber Domain (j4cser . bid) (trojan.rules) 2823682 - ProApps TROJAN DNS Query to Cerber Domain (g2svcp . bid) (trojan.rules) 2823683 - ProApps TROJAN DNS Query to Cerber Domain (l4jpwv . bid) (trojan.rules) 2823684 - ProApps TROJAN DNS Query to Cerber Domain (3t3hyf . top) (trojan.rules) 2823685 - ProApps TROJAN DNS Query to Cerber Domain (4nf7ij . top) (trojan.rules) 2823686 - ProApps TROJAN DNS Query to Cerber Domain (paahyp . bid) (trojan.rules) 2823687 - ProApps TROJAN DNS Query to Cerber Domain (rsi6gn . top) (trojan.rules) 2823688 - ProApps TROJAN DNS Query to Cerber Domain (xf9wd1 . bid) (trojan.rules) 2823689 - ProApps TROJAN DNS Query to Cerber Domain (zreknv . bid) (trojan.rules) [+++] Modify rules: 195 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4423 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2807777 - ProApps TROJAN Project Hook PoS Checkin (trojan.rules) 2816306 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Igamo.a Checkin (mobile_malware.rules) 2821712 - ProApps TROJAN LatentBot HTTP POST Checkin (trojan.rules) [+++] Removed rules: 6 [+++] 2001492 - ProApps MALWARE ISearchTech.com XXXPornToolbar Activity (MyApp) (malware.rules) 2018415 - ProApps TROJAN W32/Tepfer.InfoStealer CnC Beacon (trojan.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2807110 - ProApps TROJAN Trojan.Win32.Qadars Checkin (trojan.rules) 2823072 - ProApps MALWARE Win32/Adware.CloudGuard.D Checkin (malware.rules) [***] ProApps Security IDS Rules Changelog started Tue Dec 6 17:29:52 2016 [***] [+++] Added rules: 30 [+++] 2008438 - ProApps INFO Possible Windows executable sent when remote host claims to send a Text File (info.rules) 2023578 - ProApps TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2023579 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023580 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023581 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023582 - ProApps TROJAN ABUSE.CH Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023583 - ProApps TROJAN Possible Locky JS Downloading Payload Dec 06 2016 (trojan.rules) 2023584 - ProApps TROJAN Ransomware Goldeneye .onion Payment Domain (goldenhjnqvc2lld) (trojan.rules) 2023585 - ProApps TROJAN Ransomware Goldeneye .onion Payment Domain (golden2uqpiqcs6j) (trojan.rules) 2023586 - ProApps CURRENT_EVENTS Internet Explorer Information Disclosure Vuln as Observed in RIG EK Prefilter M1 Dec 06 (current_events.rules) 2023587 - ProApps CURRENT_EVENTS Internet Explorer Information Disclosure Vuln as Observed in RIG EK Prefilter M2 Dec 06 (current_events.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823644 - ProApps MALWARE MSIL/Dotdo.AP Adware PUP Activity (malware.rules) 2823645 - ProApps TROJAN DNS Query to Cerber Domain (ftch30 . bid) (trojan.rules) 2823646 - ProApps TROJAN DNS Query to Cerber Domain (jnhdk3 . bid) (trojan.rules) 2823647 - ProApps TROJAN DNS Query to Cerber Domain (llm3m0 . bid) (trojan.rules) 2823648 - ProApps TROJAN DNS Query to Cerber Domain (w22p3v . top) (trojan.rules) 2823649 - ProApps TROJAN DNS Query to Cerber Domain (ca15sj . top) (trojan.rules) 2823650 - ProApps TROJAN DNS Query to Cerber Domain (dybsth . bid) (trojan.rules) 2823651 - ProApps TROJAN DNS Query to Cerber Domain (7m7ujm . bid) (trojan.rules) 2823652 - ProApps TROJAN DNS Query to Cerber Domain (u52m7j . bid) (trojan.rules) 2823653 - ProApps TROJAN DNS Query to Cerber Domain (9sfk22 . bid) (trojan.rules) 2823654 - ProApps TROJAN DNS Query to Cerber Domain (mszbbu . bid) (trojan.rules) 2823655 - ProApps MALWARE MSIL/Wizzcaster Adware PUP Checkin M2 (malware.rules) 2823656 - ProApps CURRENT_EVENTS Successful Gmail Phish Dec 05 2016 (current_events.rules) 2823657 - ProApps TROJAN Observed Malicious SSL Cert (JS/Ostap Downloader) (trojan.rules) 2823658 - ProApps TROJAN Malicious SSL Certificate Detected (Dreambot) (trojan.rules) 2823659 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823660 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) [+++] Modify rules: 194 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2814467 - ProApps TROJAN ZxShell WinVNC Command (trojan.rules) 2823575 - ProApps CURRENT_EVENTS Successful Apple Connect Phish Dec 02 2016 (current_events.rules) [+++] Removed rules: 1 [+++] 2008438 - ProApps MALWARE Possible Windows executable sent when remote host claims to send a Text File (malware.rules) [***] ProApps Security IDS Rules Changelog started Mon Dec 5 16:47:00 2016 [***] [+++] Added rules: 43 [+++] 2023576 - ProApps TROJAN Locky CnC Checkin Dec 5 M1 (trojan.rules) 2023577 - ProApps TROJAN Locky CnC Checkin HTTP Pattern (trojan.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823606 - ProApps CURRENT_EVENTS Possible Evil Redirect Leading to EK Dec 04 2016 (current_events.rules) 2823607 - ProApps CURRENT_EVENTS RIG EK Landing Pre-filter (Rig-v) (current_events.rules) 2823608 - ProApps CURRENT_EVENTS RIG EK Landing Pre-filter (current_events.rules) 2823609 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823610 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823611 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823612 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823613 - ProApps TROJAN DNS Query to Cerber Domain (88oysp . bid) (trojan.rules) 2823614 - ProApps TROJAN DNS Query to Cerber Domain (5hmjh7 . bid) (trojan.rules) 2823615 - ProApps TROJAN DNS Query to Cerber Domain (re2b6k . bid) (trojan.rules) 2823616 - ProApps TROJAN DNS Query to Cerber Domain (5a2a7e . top) (trojan.rules) 2823617 - ProApps TROJAN DNS Query to Cerber Domain (9yim37 . top) (trojan.rules) 2823618 - ProApps TROJAN DNS Query to Cerber Domain (cxbp5p . bid) (trojan.rules) 2823619 - ProApps TROJAN DNS Query to Cerber Domain (1k1dxt . top) (trojan.rules) 2823620 - ProApps TROJAN DNS Query to Cerber Domain (p9su2u . top) (trojan.rules) 2823621 - ProApps TROJAN DNS Query to Cerber Domain (jtdcph . bid) (trojan.rules) 2823622 - ProApps TROJAN DNS Query to Cerber Domain (umvv28 . top) (trojan.rules) 2823623 - ProApps TROJAN Observed Malicious SSL Cert (Vawtrak CnC) (trojan.rules) 2823624 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.iz Contacts Exfil via SMTP (mobile_malware.rules) 2823625 - ProApps TROJAN SNATCH Loader CnC Beacon (trojan.rules) 2823626 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823627 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823628 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823629 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823630 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823631 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823632 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823633 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823634 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823635 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823636 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823637 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2823638 - ProApps MALWARE MSIL/Dotdo CnC Checkin (malware.rules) 2823639 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Dec 05 2016 (current_events.rules) 2823640 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Dec 05 2016 (current_events.rules) 2823641 - ProApps CURRENT_EVENTS Successful Bank of America Phish Dec 05 2016 (current_events.rules) 2823642 - ProApps TROJAN APT28 DealersChoice CnC Beacon Response (trojan.rules) 2823643 - ProApps TROJAN APT28 Uploader Variant DNS Lookup (trojan.rules) [+++] Modify rules: 226 [+++] 2014380 - ProApps POLICY HTTP POST invalid method case outbound (policy.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2823078 - ProApps TROJAN APT28 DealersChoice CnC Beacon M1 (trojan.rules) 2823157 - ProApps WEB_CLIENT Microsoft Internet Explorer 11 Windows 10 Information Disclosure (CVE-2016-7227) (web_client.rules) 2823158 - ProApps WEB_CLIENT Microsoft Excel corrupted incorrect COLINFO record download (CVE-2016-7228) (web_client.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Dec 2 17:53:17 2016 [***] [+++] Added rules: 40 [+++] 2023574 - ProApps WEB_SPECIFIC_APPS Joomla GoogleMaps Plugin Open Proxy Access (web_specific_apps.rules) 2023575 - ProApps TROJAN User-Agent (Visbot) (trojan.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2823572 - ProApps CURRENT_EVENTS Successful Generic Webmail Phish Dec 02 2016 (current_events.rules) 2823573 - ProApps CURRENT_EVENTS Successful Irish Tax and Customs Phish Dec 02 2016 (current_events.rules) 2823574 - ProApps CURRENT_EVENTS Successful National Australia Bank Phish Dec 02 2016 (current_events.rules) 2823575 - ProApps CURRENT_EVENTS Successful Apple Connect Phish Dec 02 2016 (current_events.rules) 2823576 - ProApps CURRENT_EVENTS Successful Google Drive Phish M1 Dec 02 2016 (current_events.rules) 2823577 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish M1 Dec 02 2016 (current_events.rules) 2823578 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish M2 Dec 02 2016 (current_events.rules) 2823579 - ProApps CURRENT_EVENTS Successful Google Drive Phish M2 Dec 02 2016 (current_events.rules) 2823580 - ProApps CURRENT_EVENTS Successful Three Step Gmail Phish (1 of 3) Dec 02 2016 (current_events.rules) 2823581 - ProApps CURRENT_EVENTS Successful Three Step Gmail Phish (2 of 3) Phish Dec 02 2016 (current_events.rules) 2823582 - ProApps CURRENT_EVENTS Successful Three Step Gmail Phish (3 of 3) Dec 02 2016 (current_events.rules) 2823583 - ProApps CURRENT_EVENTS Sednit EK Flash Exploit Dec 01 2016 (current_events.rules) 2823584 - ProApps CURRENT_EVENTS Sednit EK Flash Exploit Dec 01 2016 (current_events.rules) 2823585 - ProApps CURRENT_EVENTS Sednit EK Flash Exploit Dec 01 2016 (current_events.rules) 2823586 - ProApps TROJAN Zbot!ZA .onion Proxy Domain (trojan.rules) 2823587 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823588 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823589 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823590 - ProApps TROJAN DNS Query to Cerber Domain (o5b17o . top) (trojan.rules) 2823591 - ProApps TROJAN DNS Query to Cerber Domain (wk0295 . top) (trojan.rules) 2823592 - ProApps TROJAN DNS Query to Cerber Domain (yv3uwa . bid) (trojan.rules) 2823593 - ProApps TROJAN DNS Query to Cerber Domain (zjfbxy . top) (trojan.rules) 2823594 - ProApps TROJAN DNS Query to Cerber Domain (g7rst5 . bid) (trojan.rules) 2823595 - ProApps TROJAN DNS Query to Cerber Domain (20phzx . bid) (trojan.rules) 2823596 - ProApps TROJAN DNS Query to Cerber Domain (kkkshn . bid) (trojan.rules) 2823597 - ProApps TROJAN DNS Query to Cerber Domain (13uvry . top) (trojan.rules) 2823598 - ProApps TROJAN DNS Query to Cerber Domain (zh5mu9 . bid) (trojan.rules) 2823599 - ProApps TROJAN DNS Query to Cerber Domain (nbz4dn . top) (trojan.rules) 2823600 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823601 - ProApps CURRENT_EVENTS Phishing Landing via imcreator.com / imxprs.com Dec 02 2016 (current_events.rules) 2823602 - ProApps CURRENT_EVENTS Possible Successful Phish via imcreator.com / imxprs.com Dec 02 2016 (current_events.rules) 2823603 - ProApps TROJAN MSIL.Unknown Checkin (trojan.rules) 2823604 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-02 1) (trojan.rules) 2823605 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-12-02 2) (trojan.rules) [+++] Modify rules: 186 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2820892 - ProApps CURRENT_EVENTS Sednit EK Landing Jun 27 2016 (current_events.rules) [+++] Removed rules: 1 [+++] 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Thu Dec 1 18:42:13 2016 [***] [+++] Added rules: 37 [+++] 2023570 - ProApps TROJAN DistTrack/Shamoon CnC Beacon M1 (trojan.rules) 2023571 - ProApps TROJAN DistTrack/Shamoon CnC Beacon M2 (trojan.rules) 2023572 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2023573 - ProApps TROJAN Unknown AutoIt Bot DNS Lookup (webmail .duia.in) (trojan.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823542 - ProApps TROJAN Helminth/OilRig CnC Beacon (trojan.rules) 2823543 - ProApps TROJAN Malicious SSL Cert Observed (ShinoBOT CnC) (trojan.rules) 2823544 - ProApps CURRENT_EVENTS Successful US Bank Phish Nov 30 2016 (current_events.rules) 2823545 - ProApps CURRENT_EVENTS Successful Western Union Phish M1 Nov 30 2016 (current_events.rules) 2823546 - ProApps CURRENT_EVENTS Successful Western Union Phish M2 Nov 30 2016 (current_events.rules) 2823547 - ProApps CURRENT_EVENTS Successful Western Union Phish M3 Nov 30 2016 (current_events.rules) 2823548 - ProApps CURRENT_EVENTS Successful Dropbox Phish Nov 30 2016 (current_events.rules) 2823549 - ProApps CURRENT_EVENTS Successful Adobe PDF Online Phish Nov 30 2016 (current_events.rules) 2823550 - ProApps CURRENT_EVENTS Successful Chase Phish Nov 30 2016 (current_events.rules) 2823551 - ProApps CURRENT_EVENTS Successful Paypal Phish Nov 30 2016 (current_events.rules) 2823552 - ProApps CURRENT_EVENTS Successful CIMB Click (MY) Phish Nov 30 2016 (current_events.rules) 2823553 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823554 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823555 - ProApps TROJAN Observed Malicious DNS Query (FlokiBot CnC) (trojan.rules) 2823556 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2823557 - ProApps TROJAN DNS Query to Cerber Domain (rudjg0 . bid) (trojan.rules) 2823558 - ProApps TROJAN DNS Query to Cerber Domain (w67y8u . bid) (trojan.rules) 2823559 - ProApps TROJAN DNS Query to Cerber Domain (b14kkk . bid) (trojan.rules) 2823560 - ProApps TROJAN DNS Query to Cerber Domain (1zdllt . bid) (trojan.rules) 2823561 - ProApps TROJAN DNS Query to Cerber Domain (vwgxhm . bid) (trojan.rules) 2823562 - ProApps TROJAN DNS Query to Cerber Domain (hy6dxo . bid) (trojan.rules) 2823563 - ProApps TROJAN DNS Query to Cerber Domain (v0xn1i . bid) (trojan.rules) 2823564 - ProApps TROJAN DNS Query to Cerber Domain (z8rkat . bid) (trojan.rules) 2823565 - ProApps TROJAN DNS Query to Cerber Domain (o83838 . bid) (trojan.rules) 2823566 - ProApps TROJAN DNS Query to Cerber Domain (ev99l6 . bid) (trojan.rules) 2823567 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) 2823568 - ProApps TROJAN Zeus OPENSSL Banker Malicious SSL Certificate Detected (trojan.rules) 2823569 - ProApps CURRENT_EVENTS Sednit EK Reporting System Info Dec 01 2016 (current_events.rules) 2823570 - ProApps TROJAN W32.Geodo/Emotet Checkin (trojan.rules) 2823571 - ProApps TROJAN W32.Geodo/Emotet Checkin Fake 404 Response (trojan.rules) [+++] Modify rules: 186 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2816659 - ProApps TROJAN APT.Cmstar Downloading Payload (trojan.rules) 2821148 - ProApps TROJAN Sharik/Smoke Checkin 2 (trojan.rules) 2823114 - ProApps CURRENT_EVENTS Possible Sednit EK Flash Exploit Secondary Landing (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Nov 30 17:10:33 2016 [***] [+++] Added rules: 28 [+++] 2023559 - ProApps EXPLOIT Firefox 0-day used against TOR browser Nov 29 2016 M1 (exploit.rules) 2023560 - ProApps EXPLOIT Firefox 0-day used against TOR browser Nov 29 2016 M2 (exploit.rules) 2023567 - ProApps TROJAN Sharik/Smoke Loader Receiving Payload (trojan.rules) 2023568 - ProApps EXPLOIT CVE-2016-3210 Exploit Observed ITW M1 Nov 30 (exploit.rules) 2023569 - ProApps EXPLOIT CVE-2016-3210 Exploit Observed ITW M1 Nov 30 (exploit.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2823520 - ProApps CURRENT_EVENTS MalDoc Request for Payload Nov 28 2016 (current_events.rules) 2823521 - ProApps TROJAN W32.Princess Ransomware Checkin (trojan.rules) 2823522 - ProApps TROJAN DNS Query to Cerber Domain (19jmfr . top) (trojan.rules) 2823523 - ProApps TROJAN DNS Query to Cerber Domain (7jrv53 . bid) (trojan.rules) 2823524 - ProApps TROJAN DNS Query to Cerber Domain (axu3u8 . bid) (trojan.rules) 2823525 - ProApps TROJAN DNS Query to Cerber Domain (e6cf2t . bid) (trojan.rules) 2823526 - ProApps TROJAN DNS Query to Cerber Domain (6tjvli . bid) (trojan.rules) 2823527 - ProApps TROJAN DNS Query to Cerber Domain (b31wkh . bid) (trojan.rules) 2823528 - ProApps TROJAN DNS Query to Cerber Domain (li5nz3 . bid) (trojan.rules) 2823529 - ProApps TROJAN DNS Query to Cerber Domain (oxmffh . bid) (trojan.rules) 2823530 - ProApps TROJAN DNS Query to Cerber Domain (41c920 . top) (trojan.rules) 2823531 - ProApps TROJAN DNS Query to Cerber Domain (531sol . bid) (trojan.rules) 2823532 - ProApps CURRENT_EVENTS SunDown EK Landing Nov 30 M2 (current_events.rules) 2823533 - ProApps CURRENT_EVENTS SunDown EK Landing Nov 30 M2 (current_events.rules) 2823534 - ProApps CURRENT_EVENTS Likely Magnitude EK Flash Exploit Struct Nov 30 2016 (current_events.rules) 2823535 - ProApps CURRENT_EVENTS RIG EK Landing Nov 30 2016 (RIG-v) (current_events.rules) 2823536 - ProApps TROJAN Possible XAgent APT28 DNS Lookup (trojan.rules) 2823537 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823538 - ProApps EXPLOIT UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision Webcam RCE (exploit.rules) 2823539 - ProApps CURRENT_EVENTS Evil scriptjs Redirect to EK Nov 29 2016 (current_events.rules) 2823540 - ProApps TROJAN W32.Unknown Checkin Sending LAN/IIS/SQL Info (trojan.rules) [+++] Modify rules: 193 [+++] 2018676 - ProApps TROJAN Sharik/Smoke Loader Adobe Connectivity check (trojan.rules) 2018677 - ProApps TROJAN Sharik/Smoke Loader Microsoft Connectivity check (trojan.rules) 2022025 - ProApps TROJAN Sharik/Smoke Loader Adobe Connectivity Check 2 (trojan.rules) 2022026 - ProApps TROJAN Sharik/Smoke Loader Java Connectivity Check (trojan.rules) 2022027 - ProApps TROJAN Sharik/Smoke Loader Adobe Connectivity Check 3 (trojan.rules) 2022124 - ProApps TROJAN Sharik/Smoke Loader Microsoft Connectivity Check (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2809825 - ProApps TROJAN Sharik/Smoke Loader SourceForge Connectivity Check (trojan.rules) 2816329 - ProApps CURRENT_EVENTS Possible Magnitude EK Flash Exploit URI Struct Feb 19 2016 (current_events.rules) 2821202 - ProApps TROJAN Sharik/Smoke Loader Microsoft Connectivity Check M2 (trojan.rules) 2822241 - ProApps TROJAN Sharik/Smoke Loader Connectivity Check M3 (trojan.rules) 2822847 - ProApps CURRENT_EVENTS Evil Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823077 - ProApps CURRENT_EVENTS GreenFlash SunDown EK Flash Exploit (current_events.rules) [+++] Removed rules: 1 [+++] 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 29 16:48:58 2016 [***] [+++] Added rules: 40 [+++] 2023550 - ProApps TROJAN Malicious SSL Certificate Detected (Gootkit CnC) (trojan.rules) 2023551 - ProApps TROJAN Locky CnC checkin Nov 21 (trojan.rules) 2023552 - ProApps TROJAN Locky CnC checkin Nov 21 M2 (trojan.rules) 2023553 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a Checkin (mobile_malware.rules) 2023554 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Flokibot CnC) (trojan.rules) 2023555 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023556 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023557 - ProApps CURRENT_EVENTS XBOOMBER Paypal Phishing Landing Nov 28 2016 (current_events.rules) 2023558 - ProApps CURRENT_EVENTS Successful XBOOMBER Paypal Phish Nov 28 2016 (current_events.rules) 2823489 - ProApps CURRENT_EVENTS Successful Banco Bradesco Phish M1 Nov 29 2016 (current_events.rules) 2823490 - ProApps CURRENT_EVENTS Successful Banco Bradesco Phish M2 Nov 29 2016 (current_events.rules) 2823491 - ProApps CURRENT_EVENTS Terse POST to Wordpress Folder - Probable Successful Phishing M6 (current_events.rules) 2823492 - ProApps CURRENT_EVENTS Possible Paypal Phishing Landing M1 Nov 29 2016 (current_events.rules) 2823493 - ProApps CURRENT_EVENTS Possible Paypal Phishing Landing M2 Nov 29 2016 (current_events.rules) 2823494 - ProApps CURRENT_EVENTS Possible Paypal Phishing Landing M3 Nov 29 2016 (current_events.rules) 2823495 - ProApps CURRENT_EVENTS Possible Paypal Phishing Landing M4 Nov 29 2016 (current_events.rules) 2823496 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Nov 29 2016 (current_events.rules) 2823497 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Nov 29 2016 (current_events.rules) 2823498 - ProApps TROJAN Netwire RAT Check-in 2 (trojan.rules) 2823499 - ProApps TROJAN Netwire RAT Check-in 2 (trojan.rules) 2823500 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823501 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823502 - ProApps TROJAN DNS Query to Cerber Domain (9mu6vk . top) (trojan.rules) 2823503 - ProApps TROJAN DNS Query to Cerber Domain (psrd32 . bid) (trojan.rules) 2823504 - ProApps TROJAN DNS Query to Cerber Domain (jwi2ek . bid) (trojan.rules) 2823505 - ProApps TROJAN DNS Query to Cerber Domain (ffsm1a . bid) (trojan.rules) 2823506 - ProApps TROJAN DNS Query to Cerber Domain (1blwcn . top) (trojan.rules) 2823507 - ProApps TROJAN DNS Query to Cerber Domain (zu3fzc . bid) (trojan.rules) 2823508 - ProApps TROJAN DNS Query to Cerber Domain (r38w54 . top) (trojan.rules) 2823509 - ProApps TROJAN DNS Query to Cerber Domain (0v7hry . bid) (trojan.rules) 2823510 - ProApps TROJAN DNS Query to Cerber Domain (tsrwj3 . top) (trojan.rules) 2823511 - ProApps TROJAN DNS Query to Cerber Domain (zi842m . bid) (trojan.rules) 2823512 - ProApps CURRENT_EVENTS Successful Dropbox Phish Nov 23 2016 (current_events.rules) 2823513 - ProApps CURRENT_EVENTS Successful Blackboard Phish Nov 23 2016 (current_events.rules) 2823514 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish M1 Nov 29 2016 (current_events.rules) 2823515 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish M2 Nov 29 2016 (current_events.rules) 2823516 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish M3 Nov 29 2016 (current_events.rules) 2823517 - ProApps CURRENT_EVENTS Successful Microsoft Live Email Account Phish Nov 29 2016 (current_events.rules) 2823518 - ProApps CURRENT_EVENTS Successful Personalized Adobe Online PDF Phish Nov 28 2016 (current_events.rules) 2823519 - ProApps TROJAN MSIL.VindowsLocker Ransomware Checkin via Pastebin (trojan.rules) [+++] Modify rules: 190 [+++] 2022229 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit MITM) (trojan.rules) 2023548 - ProApps EXPLOIT Eir D1000 Modem CWMP Exploit RCE (exploit.rules) 2023549 - ProApps EXPLOIT Eir D1000 Modem CWMP Exploit Retrieving Wifi Key (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2814961 - ProApps CURRENT_EVENTS Possible Dyre SSL Cert Nov 17 2015 (current_events.rules) 2822181 - ProApps TROJAN Bolek HTTP Checkin (trojan.rules) 2823447 - ProApps TROJAN Malicious SSL Certificate Detected (Zeus OPENSSL) (trojan.rules) 2823461 - ProApps TROJAN MSIL.Proteus CnC (trojan.rules) 2823481 - ProApps CURRENT_EVENTS Successful Postbank (DE) Phish Nov 28 2016 (current_events.rules) [+++] Removed rules: 4 [+++] 2807968 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a Checkin (mobile_malware.rules) 2823366 - ProApps TROJAN Locky CnC checkin Nov 21 (trojan.rules) 2823367 - ProApps TROJAN Locky CnC checkin Nov 21 M2 (trojan.rules) 2823452 - ProApps TROJAN Malicious SSL Certificate Detected (Gootkit CnC) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Nov 28 18:39:55 2016 [***] [+++] Added rules: 37 [+++] 2023547 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 M3 (current_events.rules) 2023548 - ProApps EXPLOIT Eir D1000 Modem CWMP Exploit RCE (exploit.rules) 2023549 - ProApps EXPLOIT Eir D1000 Modem CWMP Exploit Retrieving Wifi Key (exploit.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823456 - ProApps TROJAN PoisonIvy Keepalive to CnC 593 (trojan.rules) 2823457 - ProApps CURRENT_EVENTS RIG EK Flash Exploit (set) (current_events.rules) 2823458 - ProApps CURRENT_EVENTS RIG EK Flash Exploit Nov 25 2016 (current_events.rules) 2823459 - ProApps TROJAN DetoxCrypto Ransomware UA (trojan.rules) 2823460 - ProApps CURRENT_EVENTS RIG EK Landing Nov 26 (Rig-v) (current_events.rules) 2823461 - ProApps TROJAN Win32/Dapato.J CnC (trojan.rules) 2823462 - ProApps TROJAN DNS Query to Cerber Domain (gxty7j . top) (trojan.rules) 2823463 - ProApps TROJAN DNS Query to Cerber Domain (9c431m . bid) (trojan.rules) 2823464 - ProApps TROJAN DNS Query to Cerber Domain (u9fcji . bid) (trojan.rules) 2823465 - ProApps TROJAN DNS Query to Cerber Domain (5i0ukv . bid) (trojan.rules) 2823466 - ProApps TROJAN DNS Query to Cerber Domain (7a07br . bid) (trojan.rules) 2823467 - ProApps TROJAN DNS Query to Cerber Domain (3buvlc . bid) (trojan.rules) 2823468 - ProApps TROJAN DNS Query to Cerber Domain (zz3w5l . bid) (trojan.rules) 2823469 - ProApps TROJAN DNS Query to Cerber Domain (19wkwf . top) (trojan.rules) 2823470 - ProApps TROJAN DNS Query to Cerber Domain (v4nus1 . top) (trojan.rules) 2823471 - ProApps TROJAN DNS Query to Cerber Domain (x8p2m7 . bid) (trojan.rules) 2823472 - ProApps TROJAN PoisonIvy Keepalive to CnC 594 (trojan.rules) 2823473 - ProApps TROJAN PoisonIvy Keepalive to CnC 595 (trojan.rules) 2823474 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-28 1) (trojan.rules) 2823475 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-28 2) (trojan.rules) 2823476 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules) 2823477 - ProApps TROJAN Malicious SSL Certificate Detected (Ursnif CnC) (trojan.rules) 2823478 - ProApps MOBILE_MALWARE Android.Trojan.HiddenApp.HO Checkin (mobile_malware.rules) 2823479 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 M2 (current_events.rules) 2823480 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823481 - ProApps CURRENT_EVENTS Successful Postbank (DE) Phish Nov 28 2016 (current_events.rules) 2823482 - ProApps CURRENT_EVENTS Successful Alibaba Phish Nov 28 2016 (current_events.rules) 2823483 - ProApps CURRENT_EVENTS Successful Sparkasse (DE) Phish Nov 28 2016 (current_events.rules) 2823484 - ProApps CURRENT_EVENTS Successful Ourtime.com Phish Nov 28 2016 (current_events.rules) 2823485 - ProApps CURRENT_EVENTS Terse POST to Wordpress Folder - Probable Successful Phishing M5 (current_events.rules) 2823486 - ProApps CURRENT_EVENTS Successful Package Tracking Phish Nov 28 (current_events.rules) 2823487 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Nov 27 2016 (current_events.rules) 2823488 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Nov 28 2016 (current_events.rules) [+++] Modify rules: 220 [+++] 2013508 - ProApps TROJAN Downloader User-Agent HTTPGET (trojan.rules) 2019378 - ProApps TROJAN Gozi Checkin (trojan.rules) 2021753 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 103 (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2823012 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M1 Oct 31 2016 (current_events.rules) 2823171 - ProApps CURRENT_EVENTS MalDoc Payload Inbound Nov 08 (current_events.rules) 2823251 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 (current_events.rules) [+++] Removed rules: 21 [+++] 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2808223 - ProApps MOBILE_MALWARE Android Spyoo-J Checkin 2 (mobile_malware.rules) 2823448 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Casseb.pac Checkin (mobile_malware.rules) [***] ProApps Security IDS Rules Changelog started Wed Nov 23 18:23:51 2016 [***] [+++] Added rules: 40 [+++] 2023543 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) 2023544 - ProApps TROJAN Win32/VB.SDB CnC Beacon (trojan.rules) 2023545 - ProApps TROJAN Win32/TrojanDownloader.Delf.BVP CnC Beacon (trojan.rules) 2023546 - ProApps TROJAN Win32/TrojanDownloader.Delf.BXC CnC Beacon (trojan.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823421 - ProApps TROJAN Data Exfiltration Toolkit (DET) HTTP Activity (trojan.rules) 2823422 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.lr Checkin (mobile_malware.rules) 2823423 - ProApps TROJAN Unknown Bot CnC Beacon (trojan.rules) 2823424 - ProApps TROJAN DNS Query to Cerber Domain (m5o4p2 . top) (trojan.rules) 2823425 - ProApps TROJAN DNS Query to Cerber Domain (t6ueop . bid) (trojan.rules) 2823426 - ProApps TROJAN DNS Query to Cerber Domain (w19ftt . bid) (trojan.rules) 2823427 - ProApps TROJAN DNS Query to Cerber Domain (1p5lyh . top) (trojan.rules) 2823428 - ProApps TROJAN DNS Query to Cerber Domain (u92m7j . bid) (trojan.rules) 2823429 - ProApps TROJAN DNS Query to Cerber Domain (5e4u7d . bid) (trojan.rules) 2823430 - ProApps TROJAN DNS Query to Cerber Domain (n0om0m . top) (trojan.rules) 2823431 - ProApps TROJAN DNS Query to Cerber Domain (3sc3f8 . bid) (trojan.rules) 2823432 - ProApps TROJAN DNS Query to Cerber Domain (adr3ju . bid) (trojan.rules) 2823433 - ProApps TROJAN DNS Query to Cerber Domain (kfymbh . top) (trojan.rules) 2823434 - ProApps CURRENT_EVENTS Successful Alibaba Phish Nov 22 2016 (current_events.rules) 2823435 - ProApps CURRENT_EVENTS Successful Paypal Phish (DE) M1 Nov 22 2016 (current_events.rules) 2823436 - ProApps CURRENT_EVENTS Successful Paypal Phish (DE) M2 Nov 22 2016 (current_events.rules) 2823437 - ProApps CURRENT_EVENTS Successful Ebay Phish Nov 22 2016 (current_events.rules) 2823438 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Nov 22 2016 (current_events.rules) 2823439 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Nov 22 2016 (current_events.rules) 2823440 - ProApps CURRENT_EVENTS Successful HM Revenue Phish Nov 22 2016 (current_events.rules) 2823441 - ProApps CURRENT_EVENTS Successful Barclays Phish M1 Nov 22 2016 (current_events.rules) 2823442 - ProApps CURRENT_EVENTS Successful Barclays Phish M2 Nov 22 2016 (current_events.rules) 2823443 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823444 - ProApps TROJAN Malicious SSL Certificate Detected (Ursnif Injects) (trojan.rules) 2823445 - ProApps TROJAN Malicious SSL Certificate Detected (Ursnif Injects) (trojan.rules) 2823446 - ProApps TROJAN Malicious SSL Certificate Detected (Ursnif Injects) (trojan.rules) 2823447 - ProApps TROJAN Malicious SSL Certificate Detected (Zeus Variant) (trojan.rules) 2823448 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Casseb.pac Checkin (mobile_malware.rules) 2823449 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Agent.mb Checkin (mobile_malware.rules) 2823450 - ProApps TROJAN Malicious SSL Certificate Detected (Vawtrak CnC) (trojan.rules) 2823451 - ProApps TROJAN Malicious SSL Certificate Detected (Vawtrak CnC) (trojan.rules) 2823452 - ProApps TROJAN Malicious SSL Certificate Detected (Gootkit CnC) (trojan.rules) 2823453 - ProApps CURRENT_EVENTS Astrum EK Landing Nov 23 2016 M1 (current_events.rules) 2823454 - ProApps CURRENT_EVENTS Astrum EK Landing Nov 23 2016 M2 (current_events.rules) 2823455 - ProApps CURRENT_EVENTS Astrum EK Flash Exploit Nov 23 2016 M1 (current_events.rules) [+++] Modify rules: 205 [+++] 2023496 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6900 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8085 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2821118 - ProApps TROJAN W32/Unknown Banker Checkin (trojan.rules) 2822593 - ProApps CURRENT_EVENTS Successful CenturyLink Phish Oct 12 2016 (current_events.rules) 2823044 - ProApps TROJAN W32.Dreambot Checkin (trojan.rules) 2823415 - ProApps CURRENT_EVENTS MalDoc Callout Nov 22 2016 (current_events.rules) 2823417 - ProApps CURRENT_EVENTS MalDoc Reporting Plugins Nov 22 2016 (current_events.rules) [+++] Removed rules: 23 [+++] 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2815702 - ProApps CURRENT_EVENTS Successful Adobe Phish Jan 8 (current_events.rules) 2815777 - ProApps TROJAN MSIL.Stealer Exfil Credentials via FTP (trojan.rules) 2823286 - ProApps TROJAN Observed Malicious SSL Cert (Gootkit CnC) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 22 20:09:43 2016 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 0 [+++] [+++] Removed rules: 10 [+++] 2823405 - ProApps TROJAN DNS Query to Cerber Domain (tmfl6g . bid) (trojan.rules) 2823406 - ProApps TROJAN DNS Query to Cerber Domain (y7603i . bid) (trojan.rules) 2823407 - ProApps TROJAN DNS Query to Cerber Domain (1m47ka . bid) (trojan.rules) 2823408 - ProApps TROJAN DNS Query to Cerber Domain (c4cwr4 . bid) (trojan.rules) 2823409 - ProApps TROJAN DNS Query to Cerber Domain (jo73jn . bid) (trojan.rules) 2823410 - ProApps TROJAN DNS Query to Cerber Domain (chnbyl . bid) (trojan.rules) 2823411 - ProApps TROJAN DNS Query to Cerber Domain (735giv . top) (trojan.rules) 2823412 - ProApps TROJAN DNS Query to Cerber Domain (6cfu46 . bid) (trojan.rules) 2823413 - ProApps TROJAN DNS Query to Cerber Domain (odllm3 . bid) (trojan.rules) 2823414 - ProApps TROJAN DNS Query to Cerber Domain (vth4o4 . bid) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 22 17:22:25 2016 [***] [+++] Added rules: 33 [+++] 2023538 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Tuhkit C2) (trojan.rules) 2023539 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gozi MITM) (trojan.rules) 2023540 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2023541 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (TrickBot CnC) (trojan.rules) 2023542 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Zeus CnC) (trojan.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823395 - ProApps TROJAN ScanPOS CnC Beacon (trojan.rules) 2823396 - ProApps MOBILE_MALWARE Android.Trojan.Maistealer.B Checkin (mobile_malware.rules) 2823397 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2823398 - ProApps CURRENT_EVENTS Successful Hawaiian Telcom Phish Nov 21 2016 (current_events.rules) 2823399 - ProApps CURRENT_EVENTS Terse POST to Wordpress Folder - Probable Successful Phishing M4 (current_events.rules) 2823400 - ProApps CURRENT_EVENTS Successful USAA Phish Nov 21 2016 (current_events.rules) 2823401 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Nov 21 M1 2016 (current_events.rules) 2823402 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Nov 21 M2 2016 (current_events.rules) 2823403 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Nov 21 M3 2016 (current_events.rules) 2823404 - ProApps TROJAN Win32/Ranscrape Ransomware Onion Domain Lookup (trojan.rules) 2823405 - ProApps TROJAN DNS Query to Cerber Domain (tmfl6g . bid) (trojan.rules) 2823406 - ProApps TROJAN DNS Query to Cerber Domain (y7603i . bid) (trojan.rules) 2823407 - ProApps TROJAN DNS Query to Cerber Domain (1m47ka . bid) (trojan.rules) 2823408 - ProApps TROJAN DNS Query to Cerber Domain (c4cwr4 . bid) (trojan.rules) 2823409 - ProApps TROJAN DNS Query to Cerber Domain (jo73jn . bid) (trojan.rules) 2823410 - ProApps TROJAN DNS Query to Cerber Domain (chnbyl . bid) (trojan.rules) 2823411 - ProApps TROJAN DNS Query to Cerber Domain (735giv . top) (trojan.rules) 2823412 - ProApps TROJAN DNS Query to Cerber Domain (6cfu46 . bid) (trojan.rules) 2823413 - ProApps TROJAN DNS Query to Cerber Domain (odllm3 . bid) (trojan.rules) 2823414 - ProApps TROJAN DNS Query to Cerber Domain (vth4o4 . bid) (trojan.rules) 2823415 - ProApps CURRENT_EVENTS MalDoc Callout Nov 22 2016 (current_events.rules) 2823416 - ProApps CURRENT_EVENTS MalDoc Activity Nov 22 2016 (current_events.rules) 2823417 - ProApps CURRENT_EVENTS MalDoc Reporting Plugins Nov 22 2016 (current_events.rules) 2823418 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Qexq.a Checkin (mobile_malware.rules) 2823419 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Nov 22 2016 (current_events.rules) 2823420 - ProApps POLICY External IP Address Lookup - myip.ch (policy.rules) [+++] Modify rules: 224 [+++] 2019204 - ProApps TROJAN Backdoor.Win32.PcClient.bal CnC (OUTBOUND) (trojan.rules) 2023536 - ProApps TROJAN Observed Malicious SSL Cert (FlokiBot CnC) (trojan.rules) 2023537 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2822076 - ProApps MALWARE Win32/Hao123.H Checkin 2 (malware.rules) 2822102 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer and Edge Information Disclosure Vulnerability (CVE-2016-3351) (web_client.rules) 2822332 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish M1 Sep 30 2016 (current_events.rules) 2822376 - ProApps CURRENT_EVENTS Successful Apple ID Phish M1 Oct 04 2016 (current_events.rules) [+++] Removed rules: 26 [+++] 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Mon Nov 21 17:40:31 2016 [***] [+++] Added rules: 227 [+++] 2015708 - ProApps INFO - Applet Tag In Edwards Packed JavaScript (info.rules) 2023536 - ProApps TROJAN Zeus Banker Variant Malicious SSL Certificate Detected (trojan.rules) 2023537 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2804051 - ProApps USER_AGENTS Suspicious User-Agent (USERAGENT) (user_agents.rules) 2823364 - ProApps CURRENT_EVENTS Successful Generic PDF Online Phish (set) Oct 11 2016 (current_events.rules) 2823365 - ProApps TROJAN Godzilla Loader Retrieving Payload (trojan.rules) 2823366 - ProApps TROJAN Locky CnC checkin Nov 21 (trojan.rules) 2823367 - ProApps TROJAN Locky CnC checkin Nov 21 M2 (trojan.rules) 2823368 - ProApps TROJAN DNS Query to Cerber Domain (kwrd4f . bid) (trojan.rules) 2823369 - ProApps TROJAN DNS Query to Cerber Domain (ihuk7s . top) (trojan.rules) 2823370 - ProApps TROJAN DNS Query to Cerber Domain (4bx196 . top) (trojan.rules) 2823371 - ProApps TROJAN DNS Query to Cerber Domain (lt0h7j . top) (trojan.rules) 2823372 - ProApps TROJAN DNS Query to Cerber Domain (y9kxz2 . bid) (trojan.rules) 2823373 - ProApps TROJAN DNS Query to Cerber Domain (p93w1x . bid) (trojan.rules) 2823374 - ProApps TROJAN DNS Query to Cerber Domain (gxccir . bid) (trojan.rules) 2823375 - ProApps TROJAN DNS Query to Cerber Domain (34o9h1 . bid) (trojan.rules) 2823376 - ProApps TROJAN DNS Query to Cerber Domain (hci9di . bid) (trojan.rules) 2823377 - ProApps TROJAN DNS Query to Cerber Domain (vrgdrs . top) (trojan.rules) 2823378 - ProApps TROJAN Win32/TrojanDownloader.Small.AAB SSL Certificate Detected (trojan.rules) 2823379 - ProApps TROJAN DNS Query to Cerber Domain (tmfl6g . bid) (trojan.rules) 2823380 - ProApps TROJAN DNS Query to Cerber Domain (y7603i . bid) (trojan.rules) 2823381 - ProApps TROJAN DNS Query to Cerber Domain (1m47ka . bid) (trojan.rules) 2823382 - ProApps TROJAN DNS Query to Cerber Domain (c4cwr4 . bid) (trojan.rules) 2823383 - ProApps TROJAN DNS Query to Cerber Domain (jo73jn . bid) (trojan.rules) 2823384 - ProApps TROJAN DNS Query to Cerber Domain (chnbyl . bid) (trojan.rules) 2823385 - ProApps TROJAN DNS Query to Cerber Domain (735giv . top) (trojan.rules) 2823386 - ProApps TROJAN DNS Query to Cerber Domain (6cfu46 . bid) (trojan.rules) 2823387 - ProApps TROJAN DNS Query to Cerber Domain (odllm3 . bid) (trojan.rules) 2823388 - ProApps TROJAN DNS Query to Cerber Domain (vth4o4 . bid) (trojan.rules) 2823389 - ProApps TROJAN MSIL/Gentromal.A CnC Beacon (trojan.rules) 2823390 - ProApps TROJAN Win32/Mailpassview Variant PWS Exfil (trojan.rules) 2823391 - ProApps TROJAN Possible CobaltStrike Shellcode over HTTP (trojan.rules) 2823392 - ProApps TROJAN Possible CobaltStrike CnC Beacon (HTTP GET) (trojan.rules) 2823393 - ProApps TROJAN Possible CobaltStrike CnC Beacon (HTTP POST) (trojan.rules) 2823394 - ProApps TROJAN Possible CobaltStrike CnC Beacon (fake headers) (trojan.rules) [+++] Modify rules: 4 [+++] 2019378 - ProApps TROJAN Gozi Checkin (trojan.rules) 2820476 - ProApps TROJAN Targeted Win32/Ispen CnC Beacon (trojan.rules) 2820855 - ProApps CURRENT_EVENTS Phishing Landing via yolasite.com Jun 24 M1 (current_events.rules) 2821020 - ProApps TROJAN CryptXXX Jul 07 2016 encrypting finished (trojan.rules) [+++] Removed rules: 2 [+++] 2015708 - ProApps CURRENT_EVENTS - Applet Tag In Edwards Packed JavaScript (current_events.rules) 2804051 - ProApps TROJAN Win32/Kryptik.UOM User-Agent (USERAGENT) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Nov 21 10:27:56 2016 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 84 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 224 [+++] 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Fri Nov 18 16:39:40 2016 [***] [+++] Added rules: 43 [+++] 2023523 - ProApps TROJAN KeyBoy DNS Lookup (www .about.jkub.com) (trojan.rules) 2023524 - ProApps TROJAN KeyBoy DNS Lookup (www .eleven.mypop3.org) (trojan.rules) 2023525 - ProApps TROJAN KeyBoy DNS Lookup (www .backus.myftp.name) (trojan.rules) 2023526 - ProApps TROJAN KeyBoy DNS Lookup (tibetvoices .com) (trojan.rules) 2023527 - ProApps TROJAN KeyBoy CnC Beacon (trojan.rules) 2023528 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL Certificate Detected (Chthonic CnC) (trojan.rules) 2023529 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL Certificate Detected (Malware CnC) (trojan.rules) 2023530 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL Certificate Detected (Chthonic MITM) (trojan.rules) 2023531 - ProApps MOBILE_MALWARE Unknown Redirector Nov 17 2016 (mobile_malware.rules) 2023532 - ProApps MOBILE_MALWARE Unknown Landing URI Nov 17 2016 (mobile_malware.rules) 2023533 - ProApps TROJAN CryptoLuck / YafunnLocker Ransomware CnC Checkin (trojan.rules) 2023534 - ProApps TROJAN Win32/CHIP Ransomware CnC Checkin (trojan.rules) 2023535 - ProApps WEB_SERVER Possible Apache Struts OGNL Expression Injection (web_server.rules) 2823334 - ProApps TROJAN Nanocore Checkin Pattern (set) 1 (trojan.rules) 2823335 - ProApps TROJAN Nanocore Checkin Pattern (set) 2 (trojan.rules) 2823336 - ProApps TROJAN Nanocore Checkin Pattern (set) 4 (trojan.rules) 2823337 - ProApps TROJAN Nanocore Checkin Pattern (trojan.rules) 2823338 - ProApps TROJAN Nanocore Checkin Pattern (set) 3 (trojan.rules) 2823339 - ProApps CURRENT_EVENTS Sundown/Xer EK Landing Page Nov 17 2016 (current_events.rules) 2823340 - ProApps TROJAN Zloader CnC SSL Cert (trojan.rules) 2823341 - ProApps TROJAN Ransomware/Princess Onion Domain Lookup (trojan.rules) 2823342 - ProApps TROJAN Ransomware/Princess Onion Domain Lookup (trojan.rules) 2823343 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823344 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823345 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823346 - ProApps TROJAN JigsawLocker .onion Proxy Domain (trojan.rules) 2823347 - ProApps TROJAN MSIL.Neutron .onion Proxy Domain (trojan.rules) 2823348 - ProApps TROJAN Ransomware PadCrypt .onion Proxy Domain (trojan.rules) 2823349 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823350 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823351 - ProApps TROJAN APT28/SEDNIT XAgent DNS Lookup (trojan.rules) 2823352 - ProApps CURRENT_EVENTS Successful Sparkasse Bank Phish Nov 18 2016 (current_events.rules) 2823353 - ProApps CURRENT_EVENTS Successful St. George Bank (AU) Phish Nov 18 2016 (current_events.rules) 2823354 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish M1 Nov 18 2016 (current_events.rules) 2823355 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish M2 Nov 18 2016 (current_events.rules) 2823356 - ProApps CURRENT_EVENTS Successful Google Drive Phish Nov 18 2016 (current_events.rules) 2823357 - ProApps CURRENT_EVENTS Successful Linkedin Phish Nov 18 2016 (current_events.rules) 2823358 - ProApps CURRENT_EVENTS Successful Credential Phish (Multiple Brands) Nov 18 2016 (current_events.rules) 2823359 - ProApps CURRENT_EVENTS Office 365 Phishing Landing Nov 18 2016 (current_events.rules) 2823360 - ProApps CURRENT_EVENTS Successful Office 365 Phish Nov 18 2016 (current_events.rules) 2823361 - ProApps CURRENT_EVENTS Successful Generic Wembail Phish M2 Nov 18 2016 (current_events.rules) 2823362 - ProApps CURRENT_EVENTS Successful Generic Webmail Phish M1 Nov 18 2016 (current_events.rules) 2823363 - ProApps TROJAN Locky CnC Checkin Nov 18 2016 (trojan.rules) [+++] Modify rules: 278 [+++] 2022483 - ProApps TROJAN JS/Nemucod requesting EXE payload 2016-01-28 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5817 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2815129 - ProApps CURRENT_EVENTS Base64 Obfuscated Landing - Possible Phishing Nov 30 (current_events.rules) 2820982 - ProApps TROJAN MSIL/AlphaStealer PWS Exfil via HTTP (trojan.rules) [+++] Removed rules: 7 [+++] 2017278 - ProApps WEB_SERVER Possible Apache Struts OGNL Expression Injection (web_server.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2816535 - ProApps TROJAN W32/Filecoder.NFN!tr Checkin (trojan.rules) 2823252 - ProApps TROJAN CryptoLuck / YafunnLocker Ransomware CnC Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Thu Nov 17 17:00:22 2016 [***] [+++] Added rules: 100 [+++] 2023520 - ProApps POLICY External IP Lookup (tinytools.nu) (policy.rules) 2023521 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2023522 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5817 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 11 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7777 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8782 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2823303 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Nov 16 2016 (current_events.rules) 2823304 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Nov 16 2016 (current_events.rules) 2823305 - ProApps CURRENT_EVENTS Shared Document Phishing Landing Nov 16 2016 (current_events.rules) 2823306 - ProApps CURRENT_EVENTS Successful Dropbox Business Phish Nov 16 2016 (current_events.rules) 2823307 - ProApps CURRENT_EVENTS Successful Personalized Email Update Phish Nov 16 2016 (current_events.rules) 2823308 - ProApps CURRENT_EVENTS Successful Docusign Phish Nov 16 2016 (current_events.rules) 2823309 - ProApps CURRENT_EVENTS Successful Excel Phish Nov 16 2016 (current_events.rules) 2823310 - ProApps CURRENT_EVENTS Successful Shared Adobe PDF Phish Nov 16 2016 (current_events.rules) 2823311 - ProApps CURRENT_EVENTS Successful Linkedin Phish Nov 16 2016 (current_events.rules) 2823312 - ProApps CURRENT_EVENTS Email Settings Error Phishing Landing Nov 16 2016 (current_events.rules) 2823313 - ProApps CURRENT_EVENTS Successful Email Settings Error Phish Nov 16 2016 (current_events.rules) 2823314 - ProApps TROJAN DNS Query to Cerber Domain (nnb83b . bid) (trojan.rules) 2823315 - ProApps TROJAN DNS Query to Cerber Domain (2eu9zl . bid) (trojan.rules) 2823316 - ProApps TROJAN DNS Query to Cerber Domain (forththat . pw) (trojan.rules) 2823317 - ProApps TROJAN DNS Query to Cerber Domain (hclz73 . top) (trojan.rules) 2823318 - ProApps TROJAN DNS Query to Cerber Domain (23fvxw . bid) (trojan.rules) 2823319 - ProApps TROJAN DNS Query to Cerber Domain (3nke6l . bid) (trojan.rules) 2823320 - ProApps TROJAN DNS Query to Cerber Domain (xy2rlg . bid) (trojan.rules) 2823321 - ProApps TROJAN DNS Query to Cerber Domain (f1l8li . bid) (trojan.rules) 2823322 - ProApps TROJAN DNS Query to Cerber Domain (e2yzfi . bid) (trojan.rules) 2823323 - ProApps TROJAN DNS Query to Cerber Domain (83j6lj . top) (trojan.rules) 2823324 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-17 1) (trojan.rules) 2823325 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (d2lsbG93MTQ1LjE6MQ==) (trojan.rules) 2823326 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (MUJRWFBuNUE5RVM3V2U2UHpDdXk2S1RoNTJrU2ZyVXh5Zjp4) (trojan.rules) 2823327 - ProApps TROJAN Observed Malicious SSL Cert (Gootkit CnC) (trojan.rules) 2823328 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.jj Checkin via SMTP (mobile_malware.rules) 2823329 - ProApps TROJAN Crypton Ransomware Checkin (trojan.rules) 2823330 - ProApps TROJAN Crypton Ransomware User Agent Observed (trojan.rules) 2823331 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Dadmo.e Checkin (mobile_malware.rules) 2823332 - ProApps CURRENT_EVENTS Evil iframe Redirect to EK Nov 17 2016 (current_events.rules) 2823333 - ProApps CURRENT_EVENTS Possible Evil Redirect to EK or Other Nov 17 2016 (current_events.rules) [+++] Modify rules: 214 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2821655 - ProApps TROJAN JSP WebShell Backdoor.Hadmad Command 1 (GET) (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Nov 16 16:43:55 2016 [***] [+++] Added rules: 36 [+++] 2011865 - ProApps INFO Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (info.rules) 2023514 - ProApps POLICY Android Adups Firmware Checkin (policy.rules) 2023515 - ProApps POLICY Android Adups Firmware DNS Query (policy.rules) 2023516 - ProApps POLICY Android Adups Firmware DNS Query 2 (policy.rules) 2023517 - ProApps POLICY Android Adups Firmware DNS Query 3 (policy.rules) 2023518 - ProApps POLICY Android Adups Firmware DNS Query 4 (policy.rules) 2023519 - ProApps POLICY Android Adups Firmware DNS Query 5 (policy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2823289 - ProApps TROJAN DNS Query to Cerber Domain (0ot7em . bid) (trojan.rules) 2823290 - ProApps TROJAN DNS Query to Cerber Domain (frr0od . bid) (trojan.rules) 2823291 - ProApps TROJAN DNS Query to Cerber Domain (mpduf5 . bid) (trojan.rules) 2823292 - ProApps TROJAN DNS Query to Cerber Domain (jmz94o . bid) (trojan.rules) 2823293 - ProApps TROJAN DNS Query to Cerber Domain (ewfp5y . bid) (trojan.rules) 2823294 - ProApps TROJAN DNS Query to Cerber Domain (1pr9as . top) (trojan.rules) 2823295 - ProApps TROJAN DNS Query to Cerber Domain (fp6fj6 . top) (trojan.rules) 2823296 - ProApps TROJAN DNS Query to Cerber Domain (le2brr . bid) (trojan.rules) 2823297 - ProApps TROJAN DNS Query to Cerber Domain (ab4dix . bid) (trojan.rules) 2823298 - ProApps TROJAN DNS Query to Cerber Domain (4c71wg . bid) (trojan.rules) 2823299 - ProApps TROJAN PoisonIvy Keepalive to CnC 592 (trojan.rules) 2823300 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Nov 16 2016 (current_events.rules) 2823301 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2823302 - ProApps CURRENT_EVENTS Unknown Adfraud/BlackSEO Redirector (current_events.rules) [+++] Modify rules: 199 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2823256 - ProApps CURRENT_EVENTS Magnitude EK Landing Nov 14 2016 M2 (current_events.rules) [+++] Removed rules: 14 [+++] 2011865 - ProApps WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (web_client.rules) 2822407 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822517 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822547 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS Lookup (mobile_malware.rules) 2822819 - ProApps TROJAN DNS Query to Cerber Domain (ledreject . pw) (trojan.rules) 2822820 - ProApps TROJAN DNS Query to Cerber Domain (7j6htz . bid) (trojan.rules) 2822821 - ProApps TROJAN DNS Query to Cerber Domain (sitcalls . us) (trojan.rules) 2822822 - ProApps TROJAN DNS Query to Cerber Domain (8a0sf6 . top) (trojan.rules) 2822823 - ProApps TROJAN DNS Query to Cerber Domain (lesstree . info) (trojan.rules) 2822824 - ProApps TROJAN DNS Query to Cerber Domain (w0ii21 . bid) (trojan.rules) 2822825 - ProApps TROJAN DNS Query to Cerber Domain (en3oyw . bid) (trojan.rules) 2822826 - ProApps TROJAN DNS Query to Cerber Domain (apreserve . asia) (trojan.rules) 2822827 - ProApps TROJAN DNS Query to Cerber Domain (t01jw0 . bid) (trojan.rules) 2822828 - ProApps TROJAN DNS Query to Cerber Domain (xvstbw . bid) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 15 16:55:02 2016 [***] [+++] Added rules: 46 [+++] 2023507 - ProApps MOBILE_MALWARE Android.Trojan.HiddenApp.OU Checkin (mobile_malware.rules) 2023508 - ProApps MOBILE_MALWARE Android.Trojan.HiddenApp.OU Checkin 2 (mobile_malware.rules) 2023509 - ProApps MOBILE_MALWARE Android.Trojan.HiddenApp.OU SSL CnC Cert (mobile_malware.rules) 2023510 - ProApps SCAN Redis SSH Key Overwrite Probing (scan.rules) 2023511 - ProApps EXPLOIT REDIS Attemted SSH Authorized Key Writing Attempt (exploit.rules) 2023512 - ProApps EXPLOIT REDIS Attempted SSH Key Upload (exploit.rules) 2023513 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Nov 15 2016 (current_events.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2823253 - ProApps CURRENT_EVENTS MalDoc Requesting Payload Nov 14 (current_events.rules) 2823254 - ProApps TROJAN ScanPOS Exfiltrating CC Data (trojan.rules) 2823255 - ProApps CURRENT_EVENTS Magnitude EK Landing Nov 14 2016 (current_events.rules) 2823256 - ProApps CURRENT_EVENTS Magntitude EK Landing Nov 14 2016 M2 (current_events.rules) 2823257 - ProApps TROJAN PoisonIvy Keepalive to CnC 586 (trojan.rules) 2823258 - ProApps TROJAN PoisonIvy Keepalive to CnC 587 (trojan.rules) 2823259 - ProApps TROJAN PoisonIvy Keepalive to CnC 588 (trojan.rules) 2823260 - ProApps TROJAN PoisonIvy Keepalive to CnC 589 (trojan.rules) 2823261 - ProApps TROJAN PoisonIvy Keepalive to CnC 590 (trojan.rules) 2823262 - ProApps TROJAN PoisonIvy Keepalive to CnC 591 (trojan.rules) 2823263 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Nov 15 2016 (current_events.rules) 2823264 - ProApps MOBILE_MALWARE Trojan-Downloader.AndroidOS.Rootnik.f Checkin (mobile_malware.rules) 2823265 - ProApps MALWARE W32.DLHelper Checkin (malware.rules) 2823266 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Nov 15 2016 (current_events.rules) 2823267 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Nov 15 2016 (current_events.rules) 2823268 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Nov 15 2016 (current_events.rules) 2823269 - ProApps CURRENT_EVENTS Successful Personalized Realtor.com Phish Nov 15 2016 (current_events.rules) 2823270 - ProApps CURRENT_EVENTS Successful DHL Phish Nov 15 2016 (current_events.rules) 2823271 - ProApps CURRENT_EVENTS Successful Netflix Phish Nov 15 2016 (current_events.rules) 2823272 - ProApps CURRENT_EVENTS Successful Adobe Shared Document Phish Nov 15 2016 (current_events.rules) 2823273 - ProApps CURRENT_EVENTS Successful OWA Phish Nov 15 2016 (current_events.rules) 2823274 - ProApps CURRENT_EVENTS Successful WhatsApp Payment Phish M1 Nov 15 2016 (current_events.rules) 2823275 - ProApps CURRENT_EVENTS Successful WhatsApp Payment Phish M2 Nov 15 2016 (current_events.rules) 2823276 - ProApps TROJAN DNS Query to Cerber Domain (51a47u . bid) (trojan.rules) 2823277 - ProApps TROJAN DNS Query to Cerber Domain (lpnef4 . bid) (trojan.rules) 2823278 - ProApps TROJAN DNS Query to Cerber Domain (l6nhw7 . bid) (trojan.rules) 2823279 - ProApps TROJAN DNS Query to Cerber Domain (sx90yk . bid) (trojan.rules) 2823280 - ProApps TROJAN DNS Query to Cerber Domain (cm5ohx . bid) (trojan.rules) 2823281 - ProApps TROJAN DNS Query to Cerber Domain (v9y6z8 . bid) (trojan.rules) 2823282 - ProApps TROJAN DNS Query to Cerber Domain (ohpw50 . top) (trojan.rules) 2823283 - ProApps TROJAN DNS Query to Cerber Domain (catfills . mobi) (trojan.rules) 2823284 - ProApps TROJAN DNS Query to Cerber Domain (j5spvw . bid) (trojan.rules) 2823285 - ProApps TROJAN DNS Query to Cerber Domain (byeraser . lol) (trojan.rules) 2823286 - ProApps TROJAN Observed Malicious SSL Cert (Gootkit CnC) (trojan.rules) 2823287 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823288 - ProApps TROJAN Zeus Variant CnC SSL Cert (trojan.rules) [+++] Modify rules: 200 [+++] 2022225 - ProApps TROJAN Vawtrak HTTP CnC Beacon (trojan.rules) 2022504 - ProApps TROJAN Alphacrypt/TeslaCrypt Ransomware CnC Beacon (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2823171 - ProApps CURRENT_EVENTS MalDoc Payload Inbound Nov 08 (current_events.rules) 2823251 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 (current_events.rules) 2823252 - ProApps TROJAN CryptoLuck / YafunnLocker Ransomware CnC Checkin (trojan.rules) [+++] Removed rules: 1 [+++] 2820993 - ProApps SCAN Redis SSH Key Overwrite Probing (scan.rules) [***] ProApps Security IDS Rules Changelog started Mon Nov 14 17:06:30 2016 [***] [+++] Added rules: 22 [+++] 2023503 - ProApps TROJAN XRatLocker/AiraCrop Ransomware Payment Domain (trojan.rules) 2023504 - ProApps TROJAN XRatLocker/AiraCrop Ransomware Payment Domain (trojan.rules) 2023505 - ProApps TROJAN CerberTear Ransomware CnC Checkin (trojan.rules) 2023506 - ProApps TROJAN MSIL/Alcatrez Locker Ransomware CnC Checkin (trojan.rules) 2823235 - ProApps TROJAN HappyLocker Ransomware CnC Checkin (trojan.rules) 2823236 - ProApps TROJAN Win32/Rahkni Ransomware CnC Checkin (trojan.rules) 2823237 - ProApps TROJAN Win32/AutoLocky Ransomware CnC Checkin (trojan.rules) 2823238 - ProApps TROJAN MotoxLocker Ransomware CnC Checkin (trojan.rules) 2823239 - ProApps TROJAN CuteRansomware CnC Activity (trojan.rules) 2823240 - ProApps TROJAN Magic Ransomware CnC Checkin (trojan.rules) 2823241 - ProApps TROJAN Shark/Atom Ransomware CnC Checkin (trojan.rules) 2823242 - ProApps TROJAN Cryptus Ransomware CnC Checkin (trojan.rules) 2823243 - ProApps TROJAN Observed Malicious Ransomware SSL Cert (WickedLocker) (trojan.rules) 2823244 - ProApps TROJAN Observed Malicious Ransomware Domain SSL Cert in SNI (Hidden-Tear Variant) (trojan.rules) 2823245 - ProApps TROJAN Observed Malicious Ransomware Domain SSL Cert in SNI (Hidden-Tear Variant) (trojan.rules) 2823246 - ProApps TROJAN MSIL/Unk.CoinMiner CnC Checkin (trojan.rules) 2823247 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Keitaro TDS Nov 14 2016 (current_events.rules) 2823248 - ProApps TROJAN Win32/Downware CnC SSL Certificate Detected (trojan.rules) 2823249 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2823250 - ProApps TROJAN KryptoLocker Ransomware CnC Checkin (trojan.rules) 2823251 - ProApps CURRENT_EVENTS Malicious JS to PS Dropping PE Nov 14 (current_events.rules) 2823252 - ProApps TROJAN YafunnLocker Ransomware CnC Checkin (trojan.rules) [+++] Modify rules: 229 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2820192 - ProApps TROJAN Win32/PaySafeCrypt Ransomware .onion Proxy Domain (trojan.rules) [+++] Removed rules: 38 [+++] 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Fri Nov 11 16:56:37 2016 [***] [+++] Added rules: 23 [+++] 2023497 - ProApps DOS Microsoft Windows LSASS Remote Memory Corruption (dos.rules) 2023498 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023499 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (FindPOS CnC) (trojan.rules) 2023500 - ProApps MOBILE_MALWARE Possible iOS WebView Auto Dialer 1 (mobile_malware.rules) 2023501 - ProApps MOBILE_MALWARE Possible iOS WebView Auto Dialer 2 (mobile_malware.rules) 2023502 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2823218 - ProApps TROJAN CryptoLocker Ransomware Variant CnC Checkin (trojan.rules) 2823219 - ProApps TROJAN Reincarna/Linux.Wifatch Banner Served (trojan.rules) 2823220 - ProApps TROJAN DNS Query to Cerber Domain (w8yolm . bid) (trojan.rules) 2823221 - ProApps TROJAN DNS Query to Cerber Domain (91006j . bid) (trojan.rules) 2823222 - ProApps TROJAN DNS Query to Cerber Domain (nh47ri . bid) (trojan.rules) 2823223 - ProApps TROJAN DNS Query to Cerber Domain (d3j2xd . bid) (trojan.rules) 2823224 - ProApps TROJAN DNS Query to Cerber Domain (djintc . bid) (trojan.rules) 2823225 - ProApps TROJAN DNS Query to Cerber Domain (uhi7to . bid) (trojan.rules) 2823226 - ProApps TROJAN DNS Query to Cerber Domain (payours . men) (trojan.rules) 2823227 - ProApps TROJAN DNS Query to Cerber Domain (o8hpwj . top) (trojan.rules) 2823228 - ProApps TROJAN DNS Query to Cerber Domain (wf9li1 . bid) (trojan.rules) 2823229 - ProApps TROJAN DNS Query to Cerber Domain (f0jlbj . bid) (trojan.rules) 2823230 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-11 1) (trojan.rules) 2823231 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (YXN5bHVtXzE6MTIz) (trojan.rules) 2823232 - ProApps TROJAN Linux/Mr.Black.DDoS Checkin (trojan.rules) 2823233 - ProApps TROJAN Linux/Mr.Black.DDoS Keep-Alive (trojan.rules) 2823234 - ProApps TROJAN MSIL.Neutron Checkin (trojan.rules) [+++] Modify rules: 235 [+++] 2022627 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2815562 - ProApps CURRENT_EVENTS Base64 HTTP URL Refresh - Common Phish Landing Obfuscation Dec 31 (current_events.rules) [+++] Removed rules: 18 [+++] 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2823134 - ProApps TROJAN Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Thu Nov 10 17:14:04 2016 [***] [+++] Added rules: 26 [+++] 2023496 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2403545 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 246 (ciarmy.rules) 2403546 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 247 (ciarmy.rules) 2403547 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 248 (ciarmy.rules) 2403548 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 249 (ciarmy.rules) 2807926 - ProApps POLICY Possible UltraVNC Usage Detected (policy.rules) 2823198 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) 2823199 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) 2823200 - ProApps TROJAN PoisonIvy Keepalive to CnC 584 (trojan.rules) 2823201 - ProApps TROJAN PoisonIvy Keepalive to CnC 585 (trojan.rules) 2823202 - ProApps TROJAN Observed Malicious Domain SSL Cert in SNI (Remoto BR CnC) (trojan.rules) 2823203 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823204 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823205 - ProApps TROJAN DNS Query to Cerber Domain (z6a7f1 . bid) (trojan.rules) 2823206 - ProApps TROJAN DNS Query to Cerber Domain (seemby . loan) (trojan.rules) 2823207 - ProApps TROJAN DNS Query to Cerber Domain (zn90h4 . bid) (trojan.rules) 2823208 - ProApps TROJAN DNS Query to Cerber Domain (csv7o6 . bid) (trojan.rules) 2823209 - ProApps TROJAN DNS Query to Cerber Domain (yjy5dr . bid) (trojan.rules) 2823210 - ProApps TROJAN DNS Query to Cerber Domain (j0n83w . bid) (trojan.rules) 2823211 - ProApps TROJAN DNS Query to Cerber Domain (hlexdu . bid) (trojan.rules) 2823212 - ProApps TROJAN DNS Query to Cerber Domain (n20b1c . top) (trojan.rules) 2823213 - ProApps TROJAN DNS Query to Cerber Domain (7barzc . bid) (trojan.rules) 2823214 - ProApps TROJAN DNS Query to Cerber Domain (aclox4 . bid) (trojan.rules) 2823215 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Ledoden.a Checkin (mobile_malware.rules) 2823216 - ProApps WEB_SPECIFIC_APPS XM1RPC Spam Backdoor Access (web_specific_apps.rules) 2823217 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) [+++] Modify rules: 252 [+++] 2020899 - ProApps EXPLOIT D-Link Devices Home Network Administration Protocol Command Execution (exploit.rules) 2022504 - ProApps TROJAN Alphacrypt/TeslaCrypt Ransomware CnC Beacon (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2820263 - ProApps TROJAN Gozi ISFB CnC Checkin (trojan.rules) 2822722 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822847 - ProApps CURRENT_EVENTS Evil iframe Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823187 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) [+++] Removed rules: 1 [+++] 2807926 - ProApps TROJAN Trojan-Ransom.Win32.PornoAsset Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed Nov 9 17:35:55 2016 [***] [+++] Added rules: 30 [+++] 2023495 - ProApps CURRENT_EVENTS Possible Cartasi Phishing Domain Nov 8 (current_events.rules) 2403540 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 241 (ciarmy.rules) 2403541 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 242 (ciarmy.rules) 2403542 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 243 (ciarmy.rules) 2403543 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 244 (ciarmy.rules) 2403544 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 245 (ciarmy.rules) 2823174 - ProApps TROJAN Enigma Ransomware Payment Domain (trojan.rules) 2823175 - ProApps TROJAN Win32/Banload.XRS Checkin (trojan.rules) 2823176 - ProApps TROJAN DNS Query to Cerber Domain (5tb8hy . bid) (trojan.rules) 2823177 - ProApps TROJAN DNS Query to Cerber Domain (cto5ee . bid) (trojan.rules) 2823178 - ProApps TROJAN DNS Query to Cerber Domain (fvzhoo . bid) (trojan.rules) 2823179 - ProApps TROJAN DNS Query to Cerber Domain (bj64gv . bid) (trojan.rules) 2823180 - ProApps TROJAN DNS Query to Cerber Domain (wasf56 . bid) (trojan.rules) 2823181 - ProApps TROJAN DNS Query to Cerber Domain (fundpoem . mobi) (trojan.rules) 2823182 - ProApps TROJAN DNS Query to Cerber Domain (sotn58 . bid) (trojan.rules) 2823183 - ProApps TROJAN DNS Query to Cerber Domain (enanhb . bid) (trojan.rules) 2823184 - ProApps TROJAN DNS Query to Cerber Domain (dierepair . top) (trojan.rules) 2823185 - ProApps TROJAN DNS Query to Cerber Domain (26ahte . bid) (trojan.rules) 2823186 - ProApps MOBILE_MALWARE Android.Trojan.Triada.CW Checkin (mobile_malware.rules) 2823187 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2823188 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823189 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823190 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823191 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823192 - ProApps MALWARE Win32/FileFinder.AJ Adware Activity (malware.rules) 2823193 - ProApps TROJAN Observed MalDoc Downloader SSL Cert Nov 09 (trojan.rules) 2823194 - ProApps TROJAN Win32/Enigma Ransomware Requesting Payload (trojan.rules) 2823195 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) 2823196 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) 2823197 - ProApps TROJAN Possible APT29 Compressed Payload Download Request (trojan.rules) [+++] Modify rules: 244 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2820263 - ProApps TROJAN Gozi ISFB CnC Checkin (trojan.rules) 2823166 - ProApps TROJAN August Stealer CnC Checkin (trojan.rules) 2823170 - ProApps CURRENT_EVENTS MalDoc Requesting Payload Nov 08 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Nov 8 19:05:32 2016 [***] [+++] Added rules: 75 [+++] 2023486 - ProApps TROJAN Sednit/APT28/Sofacy Delphocy CnC Beacon (trojan.rules) 2023487 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M1 Nov 08 2016 (current_events.rules) 2023488 - ProApps CURRENT_EVENTS Successful Tesco Bank Phish M2 Nov 08 2016 (current_events.rules) 2023489 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023490 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023491 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023492 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023493 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023494 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2403513 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 214 (ciarmy.rules) 2403514 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 215 (ciarmy.rules) 2403515 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 216 (ciarmy.rules) 2403516 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 217 (ciarmy.rules) 2403517 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 218 (ciarmy.rules) 2403518 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 219 (ciarmy.rules) 2403519 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 220 (ciarmy.rules) 2403520 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 221 (ciarmy.rules) 2403521 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 222 (ciarmy.rules) 2403522 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 223 (ciarmy.rules) 2403523 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 224 (ciarmy.rules) 2403524 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 225 (ciarmy.rules) 2403525 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 226 (ciarmy.rules) 2403526 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 227 (ciarmy.rules) 2403527 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 228 (ciarmy.rules) 2403528 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 229 (ciarmy.rules) 2403529 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 230 (ciarmy.rules) 2403530 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 231 (ciarmy.rules) 2403531 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 232 (ciarmy.rules) 2403532 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 233 (ciarmy.rules) 2403533 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 234 (ciarmy.rules) 2403534 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 235 (ciarmy.rules) 2403535 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 236 (ciarmy.rules) 2403536 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 237 (ciarmy.rules) 2403537 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 238 (ciarmy.rules) 2403538 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 239 (ciarmy.rules) 2403539 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 240 (ciarmy.rules) 2823135 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (Multiple CVE) (exploit.rules) 2823136 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (Multiple CVE) (exploit.rules) 2823137 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (CVE-2016-3340) (exploit.rules) 2823138 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (CVE-2016-3342) (exploit.rules) 2823139 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (CVE-2016-3343) (exploit.rules) 2823140 - ProApps EXPLOIT Microsoft Internet Explorer Null Character Classid RCE (CVE-2016-7195) (exploit.rules) 2823141 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer mshtml.dll Use After Free Vulnerability (CVE-2016-7196) (web_client.rules) 2823142 - ProApps WEB_CLIENT Possible Microsoft Edge edgehtml Memory Corruption (CVE-2016-7198) (web_client.rules) 2823143 - ProApps WEB_CLIENT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7200) (web_client.rules) 2823144 - ProApps WEB_CLIENT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7201) (web_client.rules) 2823145 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow (CVE-2016-7202) (web_client.rules) 2823146 - ProApps WEB_CLIENT Possible Microsoft Edge Chakra.dll Heap Overflow (CVE-2016-7203) (web_client.rules) 2823147 - ProApps WEB_CLIENT Possible Microsoft Edge File Disclosure Vulnerablity (CVE-2016-7204) (web_client.rules) 2823148 - ProApps EXPLOIT Possible Win32k UAF Information Disclosure Exe Inbound (CVE-2016-7214) (exploit.rules) 2823149 - ProApps EXPLOIT Possible Win32k Elevation of Privilege Exe Inbound (CVE-2016-7215) (exploit.rules) 2823150 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow (CVE-2016-7217) M1 (web_client.rules) 2823151 - ProApps WEB_CLIENT Possible Microsoft Edge Buffer Overflow (CVE-2016-7217) M2 (web_client.rules) 2823152 - ProApps EXPLOIT Possible Browser.sys Information Disclosure Exe Inbound (CVE-2016-7218) (exploit.rules) 2823153 - ProApps EXPLOIT Possible Windows 10 CoCreateInstance Elevation of Privilege (CVE-2016-7221) (exploit.rules) 2823154 - ProApps EXPLOIT Possible Windows 10 VHDMP ZwOpenFile Vulnerability (CVE-2016-7224) (exploit.rules) 2823155 - ProApps EXPLOIT Possible Windows 10 VHDMP ZwDeleteFile Vulnerability (CVE-2016-7225) (exploit.rules) 2823156 - ProApps EXPLOIT Possible Windows 10 VHDMP ZwCreateFile Vulnerability (CVE-2016-7226) (exploit.rules) 2823157 - ProApps WEB_CLIENT Microsoft Internet Explorer 11 Windows 10 Information Disclosure (CVE-2016-7227) (web_client.rules) 2823158 - ProApps WEB_CLIENT Microsoft Excel corrupted incorrect COLINFO record download (CVE-2016-7228) (web_client.rules) 2823159 - ProApps WEB_CLIENT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7240) (web_client.rules) 2823160 - ProApps WEB_CLIENT Possible Microsoft Edge JSON.parse RCE (CVE-2016-7241) (web_client.rules) 2823161 - ProApps WEB_CLIENT Possible Microsoft Edge Chakra.dll Type Confusion (CVE-2016-7242) (web_client.rules) 2823162 - ProApps EXPLOIT Possible CLFS.sys File Load Vulnerability (CVE-2016-7246) (exploit.rules) 2823163 - ProApps EXPLOIT Possible UNC Path in Vulnerable SQL Query (CVE-2016-7250) (exploit.rules) 2823164 - ProApps EXPLOIT Possible UNC Path in Vulnerable SQL Query (CVE-2016-7250) (exploit.rules) 2823165 - ProApps TROJAN Win32/RediModiUpd CnC Checkin (trojan.rules) 2823166 - ProApps TROJAN Unknown Banker CnC Checkin (trojan.rules) 2823167 - ProApps EXPLOIT AVTECH IP Camera Auth Bypass Vulnerablity (2016-10-11) (exploit.rules) 2823168 - ProApps EXPLOIT AVTECH IP Camera Unauthenticated CGI Dir Vulnerablity (exploit.rules) 2823169 - ProApps TROJAN Mocker Retrieving Payload (trojan.rules) 2823170 - ProApps CURRENT_EVENTS MalDoc Requesting Payload Nov 08 (current_events.rules) 2823171 - ProApps CURRENT_EVENTS MalDoc Payload Inbound Nov 08 (current_events.rules) 2823172 - ProApps TROJAN Tinba Variant Checkin (trojan.rules) 2823173 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Keitaro TDS Nov 01 2016 (current_events.rules) [+++] Modify rules: 240 [+++] 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2023333 - ProApps TROJAN Linux.Mirai Login Attempt (xc3511) (trojan.rules) 2023430 - ProApps TROJAN Possible Linux.Mirai Login Attempt (1111111) (trojan.rules) 2023431 - ProApps TROJAN Possible Linux.Mirai Login Attempt (54321) (trojan.rules) 2023432 - ProApps TROJAN Possible Linux.Mirai Login Attempt (666666) (trojan.rules) 2023433 - ProApps TROJAN Possible Linux.Mirai Login Attempt (7ujMko0admin) (trojan.rules) 2023434 - ProApps TROJAN Possible Linux.Mirai Login Attempt (7ujMko0vizxv) (trojan.rules) 2023435 - ProApps TROJAN Possible Linux.Mirai Login Attempt (888888) (trojan.rules) 2023436 - ProApps TROJAN Possible Linux.Mirai Login Attempt (anko) (trojan.rules) 2023437 - ProApps TROJAN Possible Linux.Mirai Login Attempt (dreambox) (trojan.rules) 2023438 - ProApps TROJAN Possible Linux.Mirai Login Attempt (fucker) (trojan.rules) 2023439 - ProApps TROJAN Possible Linux.Mirai Login Attempt (hi3518) (trojan.rules) 2023440 - ProApps TROJAN Possible Linux.Mirai Login Attempt (ikwb) (trojan.rules) 2023441 - ProApps TROJAN Possible Linux.Mirai Login Attempt (juantech) (trojan.rules) 2023442 - ProApps TROJAN Possible Linux.Mirai Login Attempt (jvbzd) (trojan.rules) 2023443 - ProApps TROJAN Possible Linux.Mirai Login Attempt (klv123) (trojan.rules) 2023444 - ProApps TROJAN Possible Linux.Mirai Login Attempt (klv1234) (trojan.rules) 2023445 - ProApps TROJAN Possible Linux.Mirai Login Attempt (meinsm) (trojan.rules) 2023446 - ProApps TROJAN Possible Linux.Mirai Login Attempt (realtek) (trojan.rules) 2023447 - ProApps TROJAN Possible Linux.Mirai Login Attempt (service) (trojan.rules) 2023448 - ProApps TROJAN Possible Linux.Mirai Login Attempt (ubnt) (trojan.rules) 2023449 - ProApps TROJAN Possible Linux.Mirai Login Attempt (vizxv) (trojan.rules) 2023450 - ProApps TROJAN Possible Linux.Mirai Login Attempt (xmhdipc) (trojan.rules) 2023451 - ProApps TROJAN Possible Linux.Mirai Login Attempt (zlxx) (trojan.rules) 2023452 - ProApps TROJAN Possible Linux.Mirai Login Attempt (Zte521) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2822738 - ProApps TROJAN MSIL/Exotic CnC Checkin (trojan.rules) [+++] Removed rules: 1 [+++] 2815248 - ProApps CURRENT_EVENTS Successful Paypal Phish Dec 8 M2 (current_events.rules) [***] ProApps Security IDS Rules Changelog started Mon Nov 7 16:52:01 2016 [***] [+++] Added rules: 89 [+++] 2023484 - ProApps EXPLOIT Possible iOS Pegasus Safari Exploit (CVE-2016-4657) (exploit.rules) 2023485 - ProApps TROJAN Unknown Malicious JS Checkin (trojan.rules) 2403443 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 144 (ciarmy.rules) 2403444 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 145 (ciarmy.rules) 2403445 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 146 (ciarmy.rules) 2403446 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 147 (ciarmy.rules) 2403447 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 148 (ciarmy.rules) 2403448 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 149 (ciarmy.rules) 2403449 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 150 (ciarmy.rules) 2403450 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 151 (ciarmy.rules) 2403451 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 152 (ciarmy.rules) 2403452 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 153 (ciarmy.rules) 2403453 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 154 (ciarmy.rules) 2403454 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 155 (ciarmy.rules) 2403455 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 156 (ciarmy.rules) 2403456 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 157 (ciarmy.rules) 2403457 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 158 (ciarmy.rules) 2403458 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 159 (ciarmy.rules) 2403459 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 160 (ciarmy.rules) 2403460 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 161 (ciarmy.rules) 2403461 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 162 (ciarmy.rules) 2403462 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 163 (ciarmy.rules) 2403463 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 164 (ciarmy.rules) 2403464 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 165 (ciarmy.rules) 2403465 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 166 (ciarmy.rules) 2403466 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 167 (ciarmy.rules) 2403467 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 168 (ciarmy.rules) 2403468 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 169 (ciarmy.rules) 2403469 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 170 (ciarmy.rules) 2403470 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 171 (ciarmy.rules) 2403471 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 172 (ciarmy.rules) 2403472 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 173 (ciarmy.rules) 2403473 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 174 (ciarmy.rules) 2403474 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 175 (ciarmy.rules) 2403475 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 176 (ciarmy.rules) 2403476 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 177 (ciarmy.rules) 2403477 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 178 (ciarmy.rules) 2403478 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 179 (ciarmy.rules) 2403479 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 180 (ciarmy.rules) 2403480 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 181 (ciarmy.rules) 2403481 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 182 (ciarmy.rules) 2403482 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 183 (ciarmy.rules) 2403483 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 184 (ciarmy.rules) 2403484 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 185 (ciarmy.rules) 2403485 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 186 (ciarmy.rules) 2403486 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 187 (ciarmy.rules) 2403487 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 188 (ciarmy.rules) 2403488 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 189 (ciarmy.rules) 2403489 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 190 (ciarmy.rules) 2403490 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 191 (ciarmy.rules) 2403491 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 192 (ciarmy.rules) 2403492 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 193 (ciarmy.rules) 2403493 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 194 (ciarmy.rules) 2403494 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 195 (ciarmy.rules) 2403495 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 196 (ciarmy.rules) 2403496 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 197 (ciarmy.rules) 2403497 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 198 (ciarmy.rules) 2403498 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 199 (ciarmy.rules) 2403499 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 200 (ciarmy.rules) 2403500 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 201 (ciarmy.rules) 2403501 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 202 (ciarmy.rules) 2403502 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 203 (ciarmy.rules) 2403503 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 204 (ciarmy.rules) 2403504 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 205 (ciarmy.rules) 2403505 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 206 (ciarmy.rules) 2403506 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 207 (ciarmy.rules) 2403507 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 208 (ciarmy.rules) 2403508 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 209 (ciarmy.rules) 2403509 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 210 (ciarmy.rules) 2403510 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 211 (ciarmy.rules) 2403511 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 212 (ciarmy.rules) 2403512 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 213 (ciarmy.rules) 2823118 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-07 1) (trojan.rules) 2823119 - ProApps TROJAN DNS Query to Cerber Domain (itdrink . club) (trojan.rules) 2823120 - ProApps TROJAN DNS Query to Cerber Domain (jal9lk . bid) (trojan.rules) 2823121 - ProApps TROJAN DNS Query to Cerber Domain (0ndl3j . bid) (trojan.rules) 2823122 - ProApps TROJAN DNS Query to Cerber Domain (t0su8p . bid) (trojan.rules) 2823123 - ProApps TROJAN DNS Query to Cerber Domain (yg767p . bid) (trojan.rules) 2823124 - ProApps TROJAN DNS Query to Cerber Domain (goshare . red) (trojan.rules) 2823125 - ProApps TROJAN DNS Query to Cerber Domain (fgzgvw . bid) (trojan.rules) 2823126 - ProApps TROJAN DNS Query to Cerber Domain (bipa9k . bid) (trojan.rules) 2823127 - ProApps TROJAN DNS Query to Cerber Domain (9473jk . top) (trojan.rules) 2823128 - ProApps TROJAN DNS Query to Cerber Domain (69ju9u . bid) (trojan.rules) 2823129 - ProApps TROJAN PoisonIvy Keepalive to CnC 582 (trojan.rules) 2823130 - ProApps TROJAN PoisonIvy Keepalive to CnC 583 (trojan.rules) 2823131 - ProApps TROJAN W32.Unknown Checkin (FB Fraud) (trojan.rules) 2823132 - ProApps TROJAN Known Malicious PNG HTTP Download (Hancitor) (trojan.rules) 2823133 - ProApps TROJAN Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) 2823134 - ProApps TROJAN Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) [+++] Modify rules: 180 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2814577 - ProApps DNS SkullSecurity Encrypted Shell Possible Tunnel 1 (dns.rules) 2821875 - ProApps TROJAN Win32/Remcos RAT Checkin (trojan.rules) 2822621 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) [+++] Removed rules: 1 [+++] 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) [***] ProApps Security IDS Rules Changelog started Fri Nov 4 17:35:20 2016 [***] [+++] Added rules: 25 [+++] 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2403438 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 139 (ciarmy.rules) 2403439 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 140 (ciarmy.rules) 2403440 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 141 (ciarmy.rules) 2403441 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 142 (ciarmy.rules) 2403442 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 143 (ciarmy.rules) 2823099 - ProApps TROJAN MSIL/DDI.Bot CnC Checkin (trojan.rules) 2823100 - ProApps TROJAN W32.Dreambot File Upload (Data Sent) (trojan.rules) 2823101 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-04 1) (trojan.rules) 2823102 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (bWFtY2hvbEB5YW5kZXgucnVfMDpoaXNka3Bja3ZtbHNzYWQ=) (trojan.rules) 2823103 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (T21lR2FfdGVzdDp0ZXN0) (trojan.rules) 2823104 - ProApps TROJAN DNS Query to Cerber Domain (sotn58 . top) (trojan.rules) 2823105 - ProApps TROJAN DNS Query to Cerber Domain (d4u711 . bid) (trojan.rules) 2823106 - ProApps TROJAN DNS Query to Cerber Domain (js43vy . bid) (trojan.rules) 2823107 - ProApps TROJAN DNS Query to Cerber Domain (bipa9k . top) (trojan.rules) 2823108 - ProApps TROJAN DNS Query to Cerber Domain (rbrkng . bid) (trojan.rules) 2823109 - ProApps TROJAN DNS Query to Cerber Domain (gmnjzj . bid) (trojan.rules) 2823110 - ProApps TROJAN DNS Query to Cerber Domain (liesshall . bid) (trojan.rules) 2823111 - ProApps TROJAN DNS Query to Cerber Domain (cv3fdi . bid) (trojan.rules) 2823112 - ProApps TROJAN DNS Query to Cerber Domain (unzcm1 . bid) (trojan.rules) 2823113 - ProApps TROJAN DNS Query to Cerber Domain (vx5whc . bid) (trojan.rules) 2823114 - ProApps CURRENT_EVENTS Possible Sednit EK Flash Exploit Secondary Landing (current_events.rules) 2823115 - ProApps TROJAN APT28 CnC SSL Cert (trojan.rules) 2823116 - ProApps TROJAN PoisonIvy Keepalive to CnC 581 (trojan.rules) 2823117 - ProApps INFO Possibly Malicious DNS TXT Response Contains URL (info.rules) [+++] Modify rules: 143 [+++] 2022970 - ProApps TROJAN W32.Dreambot File Upload (No Data Sent) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2811774 - ProApps TROJAN Worm Win32/Rebhip.Z Variant Checkin (trojan.rules) 2823044 - ProApps TROJAN W32.Dreambot Checkin (trojan.rules) 2823092 - ProApps MALWARE Win32/CainCleaner.D CnC 1 (malware.rules) 2823093 - ProApps MALWARE Win32/CainCleaner.D CnC 2 (malware.rules) [+++] Removed rules: 1 [+++] 2809030 - ProApps TROJAN Possibly Malicious DNS TXT Response Contains URL (trojan.rules) [***] ProApps Security IDS Rules Changelog started Thu Nov 3 17:05:52 2016 [***] [+++] Added rules: 37 [+++] 2023482 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 M2 (current_events.rules) 2023483 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher Sending Credit Card Info (mobile_malware.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2823073 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823074 - ProApps TROJAN APT28 Unknown C2 DNS Lookup (trojan.rules) 2823075 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules) 2823076 - ProApps TROJAN MSIL/CryptoRoger Ransomware CnC Checkin (trojan.rules) 2823077 - ProApps CURRENT_EVENTS GreenFlash SunDown EK Flash Exploit (current_events.rules) 2823078 - ProApps TROJAN APT28 DealersChoice CnC Beacon M1 (trojan.rules) 2823079 - ProApps TROJAN APT28 DealersChoice CnC Beacon M2 (trojan.rules) 2823080 - ProApps TROJAN DNS Query to Cerber Domain (j8873f . bid) (trojan.rules) 2823081 - ProApps TROJAN DNS Query to Cerber Domain (rg51ik . bid) (trojan.rules) 2823082 - ProApps TROJAN DNS Query to Cerber Domain (eventsresg . info) (trojan.rules) 2823083 - ProApps TROJAN DNS Query to Cerber Domain (hossy5 . bid) (trojan.rules) 2823084 - ProApps TROJAN DNS Query to Cerber Domain (31wkhu . top) (trojan.rules) 2823085 - ProApps TROJAN DNS Query to Cerber Domain (gi49w8 . bid) (trojan.rules) 2823086 - ProApps TROJAN DNS Query to Cerber Domain (7iups0 . top) (trojan.rules) 2823087 - ProApps TROJAN DNS Query to Cerber Domain (pbpju9 . bid) (trojan.rules) 2823088 - ProApps TROJAN DNS Query to Cerber Domain (r21wmw . top) (trojan.rules) 2823089 - ProApps TROJAN DNS Query to Cerber Domain (dks71o . bid) (trojan.rules) 2823090 - ProApps TROJAN APT28 EK DNS Lookup (trojan.rules) 2823091 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823092 - ProApps MALWARE Win32/CainCleaner.D CnC (malware.rules) 2823093 - ProApps MALWARE Win32/CainCleaner.D CnC (malware.rules) 2823094 - ProApps TROJAN Ransomware Locky .onion Payment Domain (mwddgguaa5rj7b54) (trojan.rules) 2823095 - ProApps TROJAN APT28 EK DNS Lookup (trojan.rules) 2823096 - ProApps TROJAN APT28 EK DNS Lookup (trojan.rules) 2823097 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-11-03 1) (trojan.rules) 2823098 - ProApps TROJAN MSIL/Unknown.Keylogger.BRM CnC Checkin (trojan.rules) [+++] Modify rules: 134 [+++] 2021382 - ProApps TROJAN Zberp/ZeusVM receiving config via image file (steganography) (trojan.rules) 2021383 - ProApps TROJAN Zberp/ZeusVM receiving config via image file (steganography) 2 (trojan.rules) 2021527 - ProApps TROJAN Zberp/ZeusVM receiving config via image file (steganography) 3 (trojan.rules) 2023429 - ProApps TROJAN Houdini/Hworm CnC Checkin M1 (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2820455 - ProApps TROJAN Houdini/Hworm CnC Checkin M2 (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Nov 2 16:37:57 2016 [***] [+++] Added rules: 31 [+++] 2023476 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2023477 - ProApps TROJAN Moose CnC Request M1 (trojan.rules) 2023478 - ProApps TROJAN Moose CnC Response (trojan.rules) 2023479 - ProApps TROJAN Moose CnC Request M2 (trojan.rules) 2023480 - ProApps CURRENT_EVENTS Sundown/Xer EK Landing Jul 06 2016 M1 (current_events.rules) 2023481 - ProApps TROJAN MSIL/HadesLocker Ransomware Checkin (trojan.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2823058 - ProApps CURRENT_EVENTS Evil 302 Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2823059 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Keitaro TDS Nov 01 2016 (current_events.rules) 2823060 - ProApps CURRENT_EVENTS MalDoc Retrieving Inbound PowerShell Payload (current_events.rules) 2823061 - ProApps TROJAN MSIL.NoobCrypt CnC (trojan.rules) 2823062 - ProApps TROJAN DNS Query to Cerber Domain (3do9h1 . bid) (trojan.rules) 2823063 - ProApps TROJAN DNS Query to Cerber Domain (whmykv . bid) (trojan.rules) 2823064 - ProApps TROJAN DNS Query to Cerber Domain (cc0r87 . bid) (trojan.rules) 2823065 - ProApps TROJAN DNS Query to Cerber Domain (4xiiup . bid) (trojan.rules) 2823066 - ProApps TROJAN DNS Query to Cerber Domain (wl52rt . bid) (trojan.rules) 2823067 - ProApps TROJAN DNS Query to Cerber Domain (x9le66 . top) (trojan.rules) 2823068 - ProApps TROJAN DNS Query to Cerber Domain (endsdoubt . loan) (trojan.rules) 2823069 - ProApps TROJAN DNS Query to Cerber Domain (childsten . site) (trojan.rules) 2823070 - ProApps TROJAN DNS Query to Cerber Domain (myaddress . link) (trojan.rules) 2823071 - ProApps TROJAN DNS Query to Cerber Domain (56185u . bid) (trojan.rules) 2823072 - ProApps MALWARE Win32/Adware.CloudGuard.D Checkin (malware.rules) [+++] Modify rules: 123 [+++] 2021203 - ProApps TROJAN Possible Deep Panda - Sakula/Mivast RAT CnC Beacon 5 (trojan.rules) 2022535 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2809615 - ProApps TROJAN Critroni Likely Malicious Tor Proxy Cookie (trojan.rules) 2816864 - ProApps TROJAN Locky downloader Mar 28 2016 checkin (trojan.rules) [+++] Removed rules: 2 [+++] 2820987 - ProApps CURRENT_EVENTS Sundown/Xer EK Landing Jul 06 2016 M1 (current_events.rules) 2822388 - ProApps TROJAN MSIL/HadesLocker Ransomware Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 1 18:28:30 2016 [***] [+++] Added rules: 22 [+++] 2023471 - ProApps CURRENT_EVENTS Possible Malicious Tor Module Download (current_events.rules) 2023472 - ProApps POLICY OpenDNS IP Lookup (policy.rules) 2023473 - ProApps CURRENT_EVENTS DNSChanger EK Secondary Landing Oct 31 2016 (current_events.rules) 2023474 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Nov 01 2016 (current_events.rules) 2023475 - ProApps MOBILE_MALWARE Adware.Adwo.A (mobile_malware.rules) 2823041 - ProApps CURRENT_EVENTS Successful Apple Phish Oct 31 2016 (current_events.rules) 2823042 - ProApps TROJAN Win32/Unk.Banker.BR Checkin (trojan.rules) 2823043 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ke Checkin (mobile_malware.rules) 2823044 - ProApps TROJAN W32.Unk.Dropper Downloading Binary (trojan.rules) 2823045 - ProApps TROJAN Win32.BestaFera Domain in SNI (trojan.rules) 2823046 - ProApps TROJAN Malicious SSL Certificate Detected (Dreambot Variant) (trojan.rules) 2823047 - ProApps TROJAN DNS Query to Cerber Domain (nxmu0x . bid) (trojan.rules) 2823048 - ProApps TROJAN DNS Query to Cerber Domain (5r1sol . bid) (trojan.rules) 2823049 - ProApps TROJAN DNS Query to Cerber Domain (8hphyr . top) (trojan.rules) 2823050 - ProApps TROJAN DNS Query to Cerber Domain (x43d02 . top) (trojan.rules) 2823051 - ProApps TROJAN DNS Query to Cerber Domain (zmr4fn . bid) (trojan.rules) 2823052 - ProApps TROJAN DNS Query to Cerber Domain (y5j7e6 . top) (trojan.rules) 2823053 - ProApps TROJAN DNS Query to Cerber Domain (packetair . us) (trojan.rules) 2823054 - ProApps TROJAN DNS Query to Cerber Domain (boxmodern . date) (trojan.rules) 2823055 - ProApps TROJAN DNS Query to Cerber Domain (7asel7 . top) (trojan.rules) 2823056 - ProApps TROJAN DNS Query to Cerber Domain (iait3w . bid) (trojan.rules) 2823057 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) [+++] Modify rules: 8 [+++] 2008433 - ProApps TROJAN Razy Variant Checkin (trojan.rules) 2010140 - ProApps P2P Vuze BT UDP Connection (p2p.rules) 2014198 - ProApps TROJAN ZeuS - ICE-IX cid= in cookie (trojan.rules) 2015028 - ProApps TROJAN Cridex Post to CnC (trojan.rules) 2020826 - ProApps CURRENT_EVENTS Potential Dridex.Maldoc Minimal Executable Request (current_events.rules) 2021918 - ProApps TROJAN DustySky Checkin (trojan.rules) 2815653 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Ewind.ao Checkin (mobile_malware.rules) 2816665 - ProApps TROJAN Win32/TrojanDownloader.Banload.XAK Fake Doc Request Retrieving Payload (trojan.rules) [+++] Removed rules: 1 [+++] 2020649 - ProApps CURRENT_EVENTS Possible CryptoWall download from e-mail link March 9 2015 (current_events.rules) [***] ProApps Security IDS Rules Changelog started Tue Nov 1 11:13:48 2016 [***] [+++] Added rules: 5 [+++] 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) [+++] Modify rules: 116 [+++] 2021918 - ProApps TROJAN DustySky Checkin (trojan.rules) 2022535 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Mon Oct 31 17:11:11 2016 [***] [+++] Added rules: 44 [+++] 2023466 - ProApps EXPLOIT D-Link DSL-2740R Remote DNS Change Attempt (exploit.rules) 2023467 - ProApps EXPLOIT COMTREND ADSL Router CT-5367 Remote DNS Change Attempt (exploit.rules) 2023468 - ProApps EXPLOIT Unknown Router Remote DNS Change Attempt (exploit.rules) 2023469 - ProApps POLICY External IP Address Lookup - b4secure .com (policy.rules) 2023470 - ProApps TROJAN Possible Emissary External IP Lookup (trojan.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2823007 - ProApps CURRENT_EVENTS Successful Office 365 Phish Oct 31 2016 (current_events.rules) 2823008 - ProApps CURRENT_EVENTS Successful Chase Phish Oct 27 2016 (current_events.rules) 2823009 - ProApps CURRENT_EVENTS Successful Apple ID Phish Oct 27 2016 (current_events.rules) 2823010 - ProApps CURRENT_EVENTS Successful American Express Phish M1 Oct 31 2016 (current_events.rules) 2823011 - ProApps CURRENT_EVENTS Successful American Express Phish M2 Oct 31 2016 (current_events.rules) 2823012 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M1 Oct 31 2016 (current_events.rules) 2823013 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M3 Oct 31 2016 (current_events.rules) 2823014 - ProApps CURRENT_EVENTS Successful Impots.gouv.fr Phish Oct 31 2016 (current_events.rules) 2823015 - ProApps CURRENT_EVENTS Successful Gmail Phish Oct 31 2016 (current_events.rules) 2823016 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 31 2016 (current_events.rules) 2823017 - ProApps CURRENT_EVENTS Successful Generic Phish Oct 31 2016 (current_events.rules) 2823018 - ProApps TROJAN NanoCore RAT CnC 21 (trojan.rules) 2823019 - ProApps CURRENT_EVENTS Astrum EK Landing Oct 31 2016 M1 (current_events.rules) 2823020 - ProApps CURRENT_EVENTS Astrum EK Landing Oct 31 2016 M2 (current_events.rules) 2823021 - ProApps CURRENT_EVENTS Astrum EK Flash Oct 31 2016 (current_events.rules) 2823022 - ProApps CURRENT_EVENTS Astrum EK Flash Oct 31 2016 (current_events.rules) 2823023 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-31 1) (trojan.rules) 2823024 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (MVBCTjd5aGk2SkxFYTZWVjMxbnBHTFYyZWhyZXBvWWR5Ujp4) (trojan.rules) 2823025 - ProApps TROJAN DNS Query to Cerber Domain (iiujsy . bid) (trojan.rules) 2823026 - ProApps TROJAN DNS Query to Cerber Domain (mustspace . us) (trojan.rules) 2823027 - ProApps TROJAN DNS Query to Cerber Domain (someputt . bid) (trojan.rules) 2823028 - ProApps TROJAN DNS Query to Cerber Domain (5ggovj . bid) (trojan.rules) 2823029 - ProApps TROJAN DNS Query to Cerber Domain (54vw9b . bid) (trojan.rules) 2823030 - ProApps TROJAN DNS Query to Cerber Domain (n8niwa . bid) (trojan.rules) 2823031 - ProApps TROJAN DNS Query to Cerber Domain (8kcfnk . bid) (trojan.rules) 2823032 - ProApps TROJAN DNS Query to Cerber Domain (zp9i1l . bid) (trojan.rules) 2823033 - ProApps TROJAN DNS Query to Cerber Domain (zda7bk . top) (trojan.rules) 2823034 - ProApps TROJAN DNS Query to Cerber Domain (4pjetv . bid) (trojan.rules) 2823035 - ProApps TROJAN APT28/Sofacy MalDoc Request Server Reply (trojan.rules) 2823036 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823037 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2823038 - ProApps TROJAN Observed APT28/Sofacy DNS Query (trojan.rules) 2823039 - ProApps TROJAN RedTeam SSL Cert (trojan.rules) 2823040 - ProApps MOBILE_MALWARE Android/AdDisplay.Drosel.A Checkin (mobile_malware.rules) [+++] Modify rules: 149 [+++] 2022535 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2803537 - ProApps TROJAN Backdoor.DsBot.dov/Win32.Morto.A Checkin (trojan.rules) 2812139 - ProApps TROJAN Pirpi CnC Beacon Response (trojan.rules) 2812406 - ProApps TROJAN Win32/Venik CnC Beacon (trojan.rules) 2822211 - ProApps CURRENT_EVENTS Astrum EK Landing Sep 23 2016 (current_events.rules) 2822305 - ProApps CURRENT_EVENTS Successful Dropbox Phish Sept 29 2016 (current_events.rules) [+++] Removed rules: 1 [+++] 2809624 - ProApps EXPLOIT D-Link DSL-2740R Remote DNS Change Attempt (exploit.rules) [***] ProApps Security IDS Rules Changelog started Fri Oct 28 17:25:18 2016 [***] [+++] Added rules: 1 [+++] 2823006 - ProApps CURRENT_EVENTS Successful OWA Phish Oct 28 2016 (current_events.rules) [+++] Modify rules: 0 [+++] [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Oct 28 16:45:04 2016 [***] [+++] Added rules: 38 [+++] 2822968 - ProApps POLICY RalletsVPN Activity (policy.rules) 2822969 - ProApps TROJAN Observed Malicious SSL Cert (Shifu CnC) (trojan.rules) 2822970 - ProApps TROJAN Malicious SSL certificate detected (Ursnif CnC) (trojan.rules) 2822971 - ProApps TROJAN W32.Unknown.BR Banker Checkin (trojan.rules) 2822972 - ProApps TROJAN Win32.Xema.C9990 Checkin (trojan.rules) 2822973 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822974 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822975 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822976 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822977 - ProApps CURRENT_EVENTS Bizzaro SunDown EK Landing Oct 28 2016 (current_events.rules) 2822978 - ProApps CURRENT_EVENTS Bizzaro SunDown EK Payload Oct 28 2016 M1 (current_events.rules) 2822979 - ProApps CURRENT_EVENTS Possible Bizarro SunDown Payload (current_events.rules) 2822980 - ProApps CURRENT_EVENTS Successful Email Settings Phish Oct 28 2016 (current_events.rules) 2822981 - ProApps CURRENT_EVENTS Successful Docusign Phish Oct 28 2016 (current_events.rules) 2822982 - ProApps CURRENT_EVENTS Successful Alibaba Phish Oct 28 2016 (current_events.rules) 2822983 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Oct 28 2016 (current_events.rules) 2822984 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Oct 28 2016 (current_events.rules) 2822985 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 28 2016 (current_events.rules) 2822986 - ProApps CURRENT_EVENTS Successful Santander Bank Phish Oct 28 2016 (current_events.rules) 2822987 - ProApps CURRENT_EVENTS Successful Gmail Phish M1 Oct 28 2016 (current_events.rules) 2822988 - ProApps CURRENT_EVENTS Successful Gmail Phish M2 Oct 28 2016 (current_events.rules) 2822989 - ProApps TROJAN Malicious SSL Certificate Detected (Qadars CnC) (trojan.rules) 2822990 - ProApps TROJAN DNS Query to Cerber Domain (t1r4ut . bid) (trojan.rules) 2822991 - ProApps TROJAN DNS Query to Cerber Domain (ye42cp . bid) (trojan.rules) 2822992 - ProApps TROJAN DNS Query to Cerber Domain (k8ytej . bid) (trojan.rules) 2822993 - ProApps TROJAN DNS Query to Cerber Domain (cokacg . bid) (trojan.rules) 2822994 - ProApps TROJAN DNS Query to Cerber Domain (x9a6yb . bid) (trojan.rules) 2822995 - ProApps TROJAN DNS Query to Cerber Domain (u50s89 . bid) (trojan.rules) 2822996 - ProApps TROJAN DNS Query to Cerber Domain (leastoff . us) (trojan.rules) 2822997 - ProApps TROJAN DNS Query to Cerber Domain (ibngww . top) (trojan.rules) 2822998 - ProApps TROJAN DNS Query to Cerber Domain (fi50le . bid) (trojan.rules) 2822999 - ProApps TROJAN DNS Query to Cerber Domain (ojesoa . bid) (trojan.rules) 2823000 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823001 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823002 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2823003 - ProApps TROJAN Malicious SSL Certificate Detected (Unknown Loader) (trojan.rules) 2823004 - ProApps TROJAN APT28 XAgent SSL Cert (trojan.rules) 2823005 - ProApps TROJAN Possible APT28 XTunnel SSL Cert (trojan.rules) [+++] Modify rules: 111 [+++] 2023343 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2822424 - ProApps CURRENT_EVENTS Successful Excel Online Phish Oct 05 2016 (current_events.rules) [+++] Removed rules: 8 [+++] 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Thu Oct 27 18:06:55 2016 [***] [+++] Added rules: 44 [+++] 2023453 - ProApps TROJAN Ransomware/Cerber Checkin 2 (trojan.rules) 2023454 - ProApps INFO Possible EXE Download From Suspicious TLD (.science) - set (info.rules) 2023455 - ProApps INFO Possible EXE Download From Suspicious TLD (.top) - set (info.rules) 2023456 - ProApps INFO Possible EXE Download From Suspicious TLD (.stream) - set (info.rules) 2023457 - ProApps INFO Possible EXE Download From Suspicious TLD (.download) - set (info.rules) 2023458 - ProApps INFO Possible EXE Download From Suspicious TLD (.gdn) - set (info.rules) 2023459 - ProApps INFO Possible EXE Download From Suspicious TLD (.biz) - set (info.rules) 2023460 - ProApps INFO Possible EXE Download From Suspicious TLD (.accountant) - set (info.rules) 2023461 - ProApps INFO Possible EXE Download From Suspicious TLD (.click) - set (info.rules) 2023462 - ProApps INFO Possible EXE Download From Suspicious TLD (.link) - set (info.rules) 2023463 - ProApps INFO Possible EXE Download From Suspicious TLD (.win) - set (info.rules) 2023464 - ProApps INFO Possible EXE Download From Suspicious TLD (info.rules) 2023465 - ProApps TROJAN Win32/Jackpot Ransomware CnC Checkin (trojan.rules) 2822937 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 27 2016 (current_events.rules) 2822938 - ProApps CURRENT_EVENTS Successful Danske Bank Phish (DA) Oct 27 2016 (current_events.rules) 2822939 - ProApps CURRENT_EVENTS Successful Banco Itau (BR) Phish Oct 27 2016 (current_events.rules) 2822940 - ProApps CURRENT_EVENTS Successful Apple Global Service Exchange Phish Oct 27 2016 (current_events.rules) 2822941 - ProApps CURRENT_EVENTS Successful Amazon Phish Oct 27 2016 (current_events.rules) 2822942 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 27 2016 (current_events.rules) 2822943 - ProApps CURRENT_EVENTS Successful CapitalOne Phish M1 Oct 27 2016 (current_events.rules) 2822944 - ProApps CURRENT_EVENTS Successful CapitalOne Phish M2 Oct 27 2016 (current_events.rules) 2822945 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Oct 26 2016 (current_events.rules) 2822946 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Oct 26 2016 (current_events.rules) 2822947 - ProApps CURRENT_EVENTS Successful Bank of America Phish M3 Oct 26 2016 (current_events.rules) 2822948 - ProApps CURRENT_EVENTS Successful Bank of America Phish M4 Oct 26 2016 (current_events.rules) 2822949 - ProApps TROJAN Observed SSL Cert for ShinoLocker Ransomware Domain (trojan.rules) 2822950 - ProApps TROJAN Observed DNS Request for ShinoLocker Ransomware Domain (trojan.rules) 2822951 - ProApps WEB_SPECIFIC_APPS Joomla 3.6.4 Add User Exploit (web_specific_apps.rules) 2822952 - ProApps WEB_SPECIFIC_APPS Joomla 3.6.4 Add User Exploit With PrivEsc (web_specific_apps.rules) 2822953 - ProApps CURRENT_EVENTS Successful Generic Phish Oct 27 2016 (current_events.rules) 2822954 - ProApps CURRENT_EVENTS Successful Generic Phish M2 Oct 27 2016 (current_events.rules) 2822955 - ProApps POLICY External IP Address Lookup - youip. net (policy.rules) 2822956 - ProApps TROJAN MSIL/Downloader.Agent.WD Retrieving Payload (trojan.rules) 2822957 - ProApps TROJAN DNS Query to Cerber Domain (67my9k . bid) (trojan.rules) 2822958 - ProApps TROJAN DNS Query to Cerber Domain (mn1kms . bid) (trojan.rules) 2822959 - ProApps TROJAN DNS Query to Cerber Domain (ywoi5n . bid) (trojan.rules) 2822960 - ProApps TROJAN DNS Query to Cerber Domain (sxjdpg . bid) (trojan.rules) 2822961 - ProApps TROJAN DNS Query to Cerber Domain (metpast . site) (trojan.rules) 2822962 - ProApps TROJAN DNS Query to Cerber Domain (s7jadj . bid) (trojan.rules) 2822963 - ProApps TROJAN DNS Query to Cerber Domain (areasput . link) (trojan.rules) 2822964 - ProApps TROJAN DNS Query to Cerber Domain (yfr0o1 . bid) (trojan.rules) 2822965 - ProApps TROJAN DNS Query to Cerber Domain (veupl2 . top) (trojan.rules) 2822966 - ProApps TROJAN DNS Query to Cerber Domain (cutslifes . bid) (trojan.rules) 2822967 - ProApps TROJAN PlugX Variant CnC Beacon (trojan.rules) [+++] Modify rules: 119 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2821737 - ProApps TROJAN Babylon RAT C2 Client Request (trojan.rules) 2822469 - ProApps CURRENT_EVENTS Successful HM Revenue Phish Oct 06 2016 (current_events.rules) [+++] Removed rules: 8 [+++] 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2816763 - ProApps TROJAN Ransomware/Cerber Checkin 2 (trojan.rules) [***] ProApps Security IDS Rules Changelog started Wed Oct 26 16:34:39 2016 [***] [+++] Added rules: 93 [+++] 2023424 - ProApps TROJAN Unknown Brazilian Banker Checkin (trojan.rules) 2023425 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023426 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023427 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023428 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2023429 - ProApps TROJAN Houdini/Hworm CnC Checkin M1 (trojan.rules) 2023430 - ProApps TROJAN Possible Linux.Mirai Login Attempt (1111111) (trojan.rules) 2023431 - ProApps TROJAN Possible Linux.Mirai Login Attempt (54321) (trojan.rules) 2023432 - ProApps TROJAN Possible Linux.Mirai Login Attempt (666666) (trojan.rules) 2023433 - ProApps TROJAN Possible Linux.Mirai Login Attempt (7ujMko0admin) (trojan.rules) 2023434 - ProApps TROJAN Possible Linux.Mirai Login Attempt (7ujMko0vizxv) (trojan.rules) 2023435 - ProApps TROJAN Possible Linux.Mirai Login Attempt (888888) (trojan.rules) 2023436 - ProApps TROJAN Possible Linux.Mirai Login Attempt (anko) (trojan.rules) 2023437 - ProApps TROJAN Possible Linux.Mirai Login Attempt (dreambox) (trojan.rules) 2023438 - ProApps TROJAN Possible Linux.Mirai Login Attempt (fucker) (trojan.rules) 2023439 - ProApps TROJAN Possible Linux.Mirai Login Attempt (hi3518) (trojan.rules) 2023440 - ProApps TROJAN Possible Linux.Mirai Login Attempt (ikwb) (trojan.rules) 2023441 - ProApps TROJAN Possible Linux.Mirai Login Attempt (juantech) (trojan.rules) 2023442 - ProApps TROJAN Possible Linux.Mirai Login Attempt (jvbzd) (trojan.rules) 2023443 - ProApps TROJAN Possible Linux.Mirai Login Attempt (klv123) (trojan.rules) 2023444 - ProApps TROJAN Possible Linux.Mirai Login Attempt (klv1234) (trojan.rules) 2023445 - ProApps TROJAN Possible Linux.Mirai Login Attempt (meinsm) (trojan.rules) 2023446 - ProApps TROJAN Possible Linux.Mirai Login Attempt (realtek) (trojan.rules) 2023447 - ProApps TROJAN Possible Linux.Mirai Login Attempt (service) (trojan.rules) 2023448 - ProApps TROJAN Possible Linux.Mirai Login Attempt (ubnt) (trojan.rules) 2023449 - ProApps TROJAN Possible Linux.Mirai Login Attempt (vizxv) (trojan.rules) 2023450 - ProApps TROJAN Possible Linux.Mirai Login Attempt (xmhdipc) (trojan.rules) 2023451 - ProApps TROJAN Possible Linux.Mirai Login Attempt (zlxx) (trojan.rules) 2023452 - ProApps TROJAN Possible Linux.Mirai Login Attempt (Zte521) (trojan.rules) 2822873 - ProApps TROJAN MSIL/Unknown HTTP Bot CnC Checkin M1 (trojan.rules) 2822874 - ProApps TROJAN MSIL/Unknown HTTP Bot CnC Checkin M2 (trojan.rules) 2822875 - ProApps TROJAN Unknown ForceXYZ Downloader CnC Checkin 1 (trojan.rules) 2822876 - ProApps TROJAN Unknown ForceXYZ Downloader CnC Checkin 2 (trojan.rules) 2822877 - ProApps TROJAN Unknown ForceXYZ Downloader Module Request (trojan.rules) 2822878 - ProApps TROJAN Unknown ForceXYZ Downloader Module Response (trojan.rules) 2822879 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules) 2822880 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2822881 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822882 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822883 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822884 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822885 - ProApps TROJAN Unknown APT Downloader Requesting Payload - set (trojan.rules) 2822886 - ProApps TROJAN Unknown APT Downloader Receiving Payload (trojan.rules) 2822887 - ProApps TROJAN APT.Gabby CnC Beacon (trojan.rules) 2822888 - ProApps TROJAN APT.Gabby CnC Beacon Response (trojan.rules) 2822889 - ProApps TROJAN W32.Cerber Ransomware HTTP Pattern (trojan.rules) 2822890 - ProApps TROJAN W32.Cerber Ransomware README.hta HTTP Referer (trojan.rules) 2822891 - ProApps CURRENT_EVENTS Successful Alibaba Phish Oct 26 2016 (current_events.rules) 2822892 - ProApps CURRENT_EVENTS Successful Facebook Phish Oct 26 2016 (current_events.rules) 2822893 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Oct 26 2016 (current_events.rules) 2822894 - ProApps CURRENT_EVENTS Successful EDF Energy (FR) Phish M1 Oct 26 2016 (current_events.rules) 2822895 - ProApps CURRENT_EVENTS Successful EDF Energy (FR) Phish M2 Oct 26 2016 (current_events.rules) 2822896 - ProApps CURRENT_EVENTS Successful EDF Energy (FR) Phish M3 Oct 26 2016 (current_events.rules) 2822897 - ProApps CURRENT_EVENTS Successful ABSA Phish Oct 26 2016 (current_events.rules) 2822898 - ProApps CURRENT_EVENTS Successful 163.com Email Account Phish Oct 26 2016 (current_events.rules) 2822899 - ProApps CURRENT_EVENTS Successful Windows Live Account Phish Oct 26 2016 (current_events.rules) 2822900 - ProApps CURRENT_EVENTS Successful Outlook Phish Oct 26 2016 (current_events.rules) 2822901 - ProApps CURRENT_EVENTS Successful Bank of America Phish Oct 26 2016 (current_events.rules) 2822902 - ProApps CURRENT_EVENTS Successful Personalized Adobe PDF Online Phish Oct 26 2016 (current_events.rules) 2822903 - ProApps CURRENT_EVENTS Successful Ameli.fr Phish M1 Oct 26 2016 (current_events.rules) 2822904 - ProApps CURRENT_EVENTS Successful Ameli.fr Phish M2 Oct 26 2016 (current_events.rules) 2822905 - ProApps CURRENT_EVENTS Successful Personalized Outlook Phish Oct 26 2016 (current_events.rules) 2822906 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2822907 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2822908 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 25 (current_events.rules) 2822909 - ProApps TROJAN PoisonIvy Keepalive to CnC 578 (trojan.rules) 2822910 - ProApps TROJAN PoisonIvy Keepalive to CnC 579 (trojan.rules) 2822911 - ProApps TROJAN PoisonIvy Keepalive to CnC 580 (trojan.rules) 2822912 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2822913 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822914 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822915 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 26 (current_events.rules) 2822916 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-26 1) (trojan.rules) 2822917 - ProApps TROJAN DNS Query to Cerber Domain (o8hpwj . bid) (trojan.rules) 2822918 - ProApps TROJAN DNS Query to Cerber Domain (pushstory . bid) (trojan.rules) 2822919 - ProApps TROJAN DNS Query to Cerber Domain (chaingame . info) (trojan.rules) 2822920 - ProApps TROJAN DNS Query to Cerber Domain (1h37ce . top) (trojan.rules) 2822921 - ProApps TROJAN DNS Query to Cerber Domain (f3z72p . bid) (trojan.rules) 2822922 - ProApps TROJAN DNS Query to Cerber Domain (msf27y . bid) (trojan.rules) 2822923 - ProApps TROJAN DNS Query to Cerber Domain (gio6f6 . bid) (trojan.rules) 2822924 - ProApps TROJAN DNS Query to Cerber Domain (goodslet . win) (trojan.rules) 2822925 - ProApps TROJAN DNS Query to Cerber Domain (charhesare . mobi) (trojan.rules) 2822926 - ProApps TROJAN DNS Query to Cerber Domain (7156et . bid) (trojan.rules) 2822927 - ProApps POLICY DNS Query to .onion proxy Domain (deballmoneypool.com) (policy.rules) 2822928 - ProApps POLICY DNS Query to .onion proxy Domain (toysworlds.at) (policy.rules) 2822929 - ProApps POLICY DNS Query to .onion proxy Domain (torhelper.pl) (policy.rules) 2822930 - ProApps POLICY DNS Query to .onion proxy Domain (bigclear.at) (policy.rules) 2822931 - ProApps POLICY DNS Query to .onion proxy Domain (tormidle.at) (policy.rules) 2822932 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 26 2016 (current_events.rules) 2822933 - ProApps CURRENT_EVENTS Paypal Phishing Landing M1 Oct 26 2016 (current_events.rules) 2822934 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Oct 26 2016 (current_events.rules) 2822935 - ProApps CURRENT_EVENTS Paypal Phishing Landing M2 Oct 26 2016 (current_events.rules) 2822936 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Oct 26 2016 (current_events.rules) [+++] Modify rules: 126 [+++] 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2820455 - ProApps TROJAN Houdini/Hworm CnC Checkin M2 (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Oct 25 16:59:20 2016 [***] [+++] Added rules: 49 [+++] 2023402 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023403 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023404 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023405 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2023406 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023407 - ProApps TROJAN APT28/Sednit DNS Lookup (ciscohelpcenter .com) (trojan.rules) 2023408 - ProApps TROJAN APT28/Sednit DNS Lookup (timezoneutc .com) (trojan.rules) 2023409 - ProApps TROJAN APT28/Sednit DNS Lookup (inteldrv64 .com) (trojan.rules) 2023410 - ProApps TROJAN APT28/Sednit DNS Lookup (advpdxapi .com) (trojan.rules) 2023411 - ProApps TROJAN APT28/Sednit DNS Lookup (cloudflarecdn .com) (trojan.rules) 2023412 - ProApps TROJAN APT28/Sednit DNS Lookup (driversupdate .info) (trojan.rules) 2023413 - ProApps TROJAN APT28/Sednit DNS Lookup (kenlynton .com) (trojan.rules) 2023414 - ProApps TROJAN APT28/Sednit DNS Lookup (microsoftdriver .com) (trojan.rules) 2023415 - ProApps TROJAN APT28/Sednit DNS Lookup (microsofthelpcenter .info) (trojan.rules) 2023416 - ProApps TROJAN APT28/Sednit DNS Lookup (nortonupdate .org) (trojan.rules) 2023417 - ProApps TROJAN APT28/Sednit DNS Lookup (softwaresupportsv .com) (trojan.rules) 2023418 - ProApps TROJAN APT28/Sednit DNS Lookup (symantecsupport .org) (trojan.rules) 2023419 - ProApps TROJAN APT28/Sednit DNS Lookup (updatecenter .name) (trojan.rules) 2023420 - ProApps TROJAN APT28/Sednit DNS Lookup (updatesystems .net) (trojan.rules) 2023421 - ProApps TROJAN APT28/Sednit DNS Lookup (updmanager .com) (trojan.rules) 2023422 - ProApps TROJAN APT28/Sednit DNS Lookup (windowsappstore .net) (trojan.rules) 2023423 - ProApps TROJAN APT28/Sednit SSL Cert (trojan.rules) 2822846 - ProApps TROJAN APT28 XAgent SSL Cert (trojan.rules) 2822847 - ProApps CURRENT_EVENTS Evil iframe Redirect to RIG-v EK Oct 24 2016 (current_events.rules) 2822848 - ProApps CURRENT_EVENTS Successful Generic Phish (Observed in Apple/Paypal/Amazon Campaigns) M1 Oct 25 2016 (current_events.rules) 2822849 - ProApps CURRENT_EVENTS Successful Generic Phish (Observed in Apple/Paypal/Amazon Campaigns) M2 Oct 25 2016 (current_events.rules) 2822850 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 25 2016 (current_events.rules) 2822851 - ProApps CURRENT_EVENTS Successful Bradesco Bank Phish Oct 25 2016 (current_events.rules) 2822852 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish M1 Oct 25 2016 (current_events.rules) 2822853 - ProApps CURRENT_EVENTS Successful Banco do Brasil Phish M2 Oct 25 2016 (current_events.rules) 2822854 - ProApps CURRENT_EVENTS Successful Swisscom Phish Oct 25 2016 (current_events.rules) 2822855 - ProApps CURRENT_EVENTS Successful SGKB (DE) Phish Oct 25 2016 (current_events.rules) 2822856 - ProApps CURRENT_EVENTS Successful Outlook Phish Oct 25 2016 (current_events.rules) 2822857 - ProApps CURRENT_EVENTS Successful Apple ID Phish Oct 25 2016 (current_events.rules) 2822858 - ProApps CURRENT_EVENTS Successful Chase Phish Oct 25 2016 (current_events.rules) 2822859 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 25 2016 (current_events.rules) 2822860 - ProApps MALWARE MSIL/Kryptik.EAN Variant Downloader Activity (malware.rules) 2822861 - ProApps TROJAN JS/CardSkimming SSL Certificate Detected (trojan.rules) 2822862 - ProApps TROJAN DNS Query to Cerber Domain (spotsvia . top) (trojan.rules) 2822863 - ProApps TROJAN DNS Query to Cerber Domain (opposemod . one) (trojan.rules) 2822864 - ProApps TROJAN DNS Query to Cerber Domain (2gbbja . top) (trojan.rules) 2822865 - ProApps TROJAN DNS Query to Cerber Domain (wrd4fo . top) (trojan.rules) 2822866 - ProApps TROJAN DNS Query to Cerber Domain (asfall . in) (trojan.rules) 2822867 - ProApps TROJAN DNS Query to Cerber Domain (m33d4b . bid) (trojan.rules) 2822868 - ProApps TROJAN DNS Query to Cerber Domain (gapplayed . link) (trojan.rules) 2822869 - ProApps TROJAN DNS Query to Cerber Domain (hurryball . asia) (trojan.rules) 2822870 - ProApps TROJAN DNS Query to Cerber Domain (ij0cia . bid) (trojan.rules) 2822871 - ProApps TROJAN DNS Query to Cerber Domain (7wrwp4 . top) (trojan.rules) 2822872 - ProApps MALWARE Unknown.CN PUP POSTing System Information (malware.rules) [+++] Modify rules: 130 [+++] 2023401 - ProApps CURRENT_EVENTS RIG EK URI struct Oct 24 2016 (RIG-v) (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2816763 - ProApps TROJAN Ransomware/Cerber Checkin 2 (trojan.rules) 2816764 - ProApps TROJAN Ransomware/Cerber Checkin Error ICMP Response (trojan.rules) 2816917 - ProApps TROJAN ATRAPS Sending Screenshot (trojan.rules) 2820237 - ProApps CURRENT_EVENTS Successful Dropbox Phish May 16 (current_events.rules) 2822318 - ProApps CURRENT_EVENTS Successful Bradesco Bank Phish M4 Sept 29 2016 (current_events.rules) [+++] Removed rules: 5 [+++] 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Mon Oct 24 16:26:16 2016 [***] [+++] Added rules: 36 [+++] 2023397 - ProApps TROJAN Win32/CryptFile2 Ransomware Checkin M2 (trojan.rules) 2023398 - ProApps MOBILE_MALWARE AndroRAT Bitter DNS Lookup (info2t .com) (mobile_malware.rules) 2023399 - ProApps TROJAN Bitter RAT TCP CnC Beacon (trojan.rules) 2023400 - ProApps TROJAN Bitter RAT HTTP CnC Beacon (trojan.rules) 2023401 - ProApps CURRENT_EVENTS RIG-v URI struct Oct 24 2016 (current_events.rules) 2822815 - ProApps INFO Suspicious Empty SSL Certificate - Observed in Cobalt Strike (info.rules) 2822816 - ProApps TROJAN W32.Unknown Checkin (trojan.rules) 2822817 - ProApps TROJAN Terse HTTP Request to Pastebin Likely Malicious (trojan.rules) 2822818 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-24 1) (trojan.rules) 2822819 - ProApps TROJAN DNS Query to Cerber Domain (ledreject . pw) (trojan.rules) 2822820 - ProApps TROJAN DNS Query to Cerber Domain (7j6htz . bid) (trojan.rules) 2822821 - ProApps TROJAN DNS Query to Cerber Domain (sitcalls . us) (trojan.rules) 2822822 - ProApps TROJAN DNS Query to Cerber Domain (8a0sf6 . top) (trojan.rules) 2822823 - ProApps TROJAN DNS Query to Cerber Domain (lesstree . info) (trojan.rules) 2822824 - ProApps TROJAN DNS Query to Cerber Domain (w0ii21 . bid) (trojan.rules) 2822825 - ProApps TROJAN DNS Query to Cerber Domain (en3oyw . bid) (trojan.rules) 2822826 - ProApps TROJAN DNS Query to Cerber Domain (apreserve . asia) (trojan.rules) 2822827 - ProApps TROJAN DNS Query to Cerber Domain (t01jw0 . bid) (trojan.rules) 2822828 - ProApps TROJAN DNS Query to Cerber Domain (xvstbw . bid) (trojan.rules) 2822829 - ProApps TROJAN PoisonIvy Keepalive to CnC 569 (trojan.rules) 2822830 - ProApps TROJAN PoisonIvy Keepalive to CnC 570 (trojan.rules) 2822831 - ProApps TROJAN PoisonIvy Keepalive to CnC 571 (trojan.rules) 2822832 - ProApps TROJAN PoisonIvy Keepalive to CnC 572 (trojan.rules) 2822833 - ProApps TROJAN PoisonIvy Keepalive to CnC 573 (trojan.rules) 2822834 - ProApps TROJAN PoisonIvy Keepalive to CnC 574 (trojan.rules) 2822835 - ProApps TROJAN PoisonIvy Keepalive to CnC 575 (trojan.rules) 2822836 - ProApps TROJAN PoisonIvy Keepalive to CnC 576 (trojan.rules) 2822837 - ProApps TROJAN PoisonIvy Keepalive to CnC 577 (trojan.rules) 2822838 - ProApps TROJAN Linux.TheMoon P2P Checkin (trojan.rules) 2822839 - ProApps CURRENT_EVENTS Successful LCL Banque et Assurance (FR) Phish Oct 22 2016 (current_events.rules) 2822840 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 22 2016 (current_events.rules) 2822841 - ProApps CURRENT_EVENTS Successful Ebay Phish Oct 22 2016 (current_events.rules) 2822842 - ProApps CURRENT_EVENTS Successful Impots.gouv.fr Phish Oct 24 2016 (current_events.rules) 2822843 - ProApps CURRENT_EVENTS Successful Alibaba Phish Oct 24 2016 (current_events.rules) 2822844 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 24 2016 (current_events.rules) 2822845 - ProApps CURRENT_EVENTS Successful AOL Phish Oct 24 2016 (current_events.rules) [+++] Modify rules: 166 [+++] 2022683 - ProApps TROJAN Win32/CryptFile2 Ransomware Checkin (trojan.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2808519 - ProApps TROJAN Win32/Sarvdap C2 traffic (trojan.rules) 2822708 - ProApps CURRENT_EVENTS Successful Outlook Phish Oct 18 2016 (current_events.rules) [+++] Removed rules: 10 [+++] 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Fri Oct 21 16:48:26 2016 [***] [+++] Added rules: 85 [+++] 2023354 - ProApps TROJAN Observed AgentTesla Domain Request (trojan.rules) 2023355 - ProApps TROJAN APT28/Sednit DNS Lookup (microsoftsupp .com) (trojan.rules) 2023356 - ProApps TROJAN APT28/Sednit DNS Lookup (aljazeera-news .com) (trojan.rules) 2023357 - ProApps TROJAN APT28/Sednit DNS Lookup (ausameetings .com) (trojan.rules) 2023358 - ProApps TROJAN APT28/Sednit DNS Lookup (bbc-press .org) (trojan.rules) 2023359 - ProApps TROJAN APT28/Sednit DNS Lookup (cnnpolitics .eu) (trojan.rules) 2023360 - ProApps TROJAN APT28/Sednit DNS Lookup (dailyforeignnews .com) (trojan.rules) 2023361 - ProApps TROJAN APT28/Sednit DNS Lookup (dailypoliticsnews .com) (trojan.rules) 2023362 - ProApps TROJAN APT28/Sednit DNS Lookup (defenceiq .us) (trojan.rules) 2023363 - ProApps TROJAN APT28/Sednit DNS Lookup (defencereview .eu) (trojan.rules) 2023364 - ProApps TROJAN APT28/Sednit DNS Lookup (diplomatnews .org) (trojan.rules) 2023365 - ProApps TROJAN APT28/Sednit DNS Lookup (euronews24 .info) (trojan.rules) 2023366 - ProApps TROJAN APT28/Sednit DNS Lookup (euroreport24 .com) (trojan.rules) 2023367 - ProApps TROJAN APT28/Sednit DNS Lookup (kg-news .org) (trojan.rules) 2023368 - ProApps TROJAN APT28/Sednit DNS Lookup (military-info .eu) (trojan.rules) 2023369 - ProApps TROJAN APT28/Sednit DNS Lookup (militaryadviser .org) (trojan.rules) 2023370 - ProApps TROJAN APT28/Sednit DNS Lookup (militaryobserver .net) (trojan.rules) 2023371 - ProApps TROJAN APT28/Sednit DNS Lookup (nato-hq .com) (trojan.rules) 2023372 - ProApps TROJAN APT28/Sednit DNS Lookup (nato-news .com) (trojan.rules) 2023373 - ProApps TROJAN APT28/Sednit DNS Lookup (natoint .com) (trojan.rules) 2023374 - ProApps TROJAN APT28/Sednit DNS Lookup (natopress .com) (trojan.rules) 2023375 - ProApps TROJAN APT28/Sednit DNS Lookup (osce-info .com) (trojan.rules) 2023376 - ProApps TROJAN APT28/Sednit DNS Lookup (osce-press .org) (trojan.rules) 2023377 - ProApps TROJAN APT28/Sednit DNS Lookup (pakistan-mofa .net) (trojan.rules) 2023378 - ProApps TROJAN APT28/Sednit DNS Lookup (politicalreview .eu) (trojan.rules) 2023379 - ProApps TROJAN APT28/Sednit DNS Lookup (politicsinform .com) (trojan.rules) 2023380 - ProApps TROJAN APT28/Sednit DNS Lookup (reuters-press .com) (trojan.rules) 2023381 - ProApps TROJAN APT28/Sednit DNS Lookup (shurl .biz) (trojan.rules) 2023382 - ProApps TROJAN APT28/Sednit DNS Lookup (stratforglobal .net) (trojan.rules) 2023383 - ProApps TROJAN APT28/Sednit DNS Lookup (thediplomat-press .com) (trojan.rules) 2023384 - ProApps TROJAN APT28/Sednit DNS Lookup (theguardiannews .org) (trojan.rules) 2023385 - ProApps TROJAN APT28/Sednit DNS Lookup (trend-news .org) (trojan.rules) 2023386 - ProApps TROJAN APT28/Sednit DNS Lookup (unian-news .info) (trojan.rules) 2023387 - ProApps TROJAN APT28/Sednit DNS Lookup (unitednationsnews .eu) (trojan.rules) 2023388 - ProApps TROJAN APT28/Sednit DNS Lookup (virusdefender .org) (trojan.rules) 2023389 - ProApps TROJAN APT28/Sednit DNS Lookup (worldmilitarynews .org) (trojan.rules) 2023390 - ProApps TROJAN APT28/Sednit DNS Lookup (worldpoliticsnews .org) (trojan.rules) 2023391 - ProApps TROJAN APT28/Sednit DNS Lookup (capisp .com) (trojan.rules) 2023392 - ProApps TROJAN APT28/Sednit DNS Lookup (dataclen .org) (trojan.rules) 2023393 - ProApps TROJAN APT28/Sednit DNS Lookup (mscoresvw .com) (trojan.rules) 2023394 - ProApps TROJAN APT28/Sednit DNS Lookup (windowscheckupdater .net) (trojan.rules) 2023395 - ProApps TROJAN APT28/Sednit DNS Lookup (acledit .com) (trojan.rules) 2023396 - ProApps TROJAN APT28/Sednit DNS Lookup (biocpl .org) (trojan.rules) 2403432 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 133 (ciarmy.rules) 2403433 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 134 (ciarmy.rules) 2403434 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 135 (ciarmy.rules) 2403435 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 136 (ciarmy.rules) 2403436 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 137 (ciarmy.rules) 2403437 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 138 (ciarmy.rules) 2822778 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822779 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822780 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822781 - ProApps TROJAN Observed PS Empire Downloader SSL Cert via MalDoc Oct 20 (trojan.rules) 2822782 - ProApps CURRENT_EVENTS Successful Generic Webmail Phish Oct 20 2016 (current_events.rules) 2822783 - ProApps CURRENT_EVENTS Successful Facebook Phish Oct 20 2016 (current_events.rules) 2822784 - ProApps CURRENT_EVENTS Successful Personalized DHL Phish Oct 20 2016 (current_events.rules) 2822785 - ProApps CURRENT_EVENTS Successful EC21 B2B Phish Oct 20 2016 (current_events.rules) 2822786 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 20 2016 (current_events.rules) 2822787 - ProApps CURRENT_EVENTS Successful Banco Bradesco Phish Oct 20 2016 (current_events.rules) 2822788 - ProApps CURRENT_EVENTS Successful Earthlink Phish Oct 20 2016 (current_events.rules) 2822789 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 20 2016 (current_events.rules) 2822790 - ProApps CURRENT_EVENTS Successful UBS Phish Oct 20 2016 (current_events.rules) 2822791 - ProApps TROJAN DNS Query to Cerber Domain (ledreject . pw) (trojan.rules) 2822792 - ProApps TROJAN DNS Query to Cerber Domain (7j6htz . bid) (trojan.rules) 2822793 - ProApps TROJAN DNS Query to Cerber Domain (sitcalls . us) (trojan.rules) 2822794 - ProApps TROJAN DNS Query to Cerber Domain (8a0sf6 . top) (trojan.rules) 2822795 - ProApps TROJAN DNS Query to Cerber Domain (lesstree . info) (trojan.rules) 2822796 - ProApps TROJAN DNS Query to Cerber Domain (w0ii21 . bid) (trojan.rules) 2822797 - ProApps TROJAN DNS Query to Cerber Domain (en3oyw . bid) (trojan.rules) 2822798 - ProApps TROJAN DNS Query to Cerber Domain (apreserve . asia) (trojan.rules) 2822799 - ProApps TROJAN DNS Query to Cerber Domain (t01jw0 . bid) (trojan.rules) 2822800 - ProApps TROJAN DNS Query to Cerber Domain (xvstbw . bid) (trojan.rules) 2822801 - ProApps TROJAN DiamondFox HTTP POST CnC Checkin (trojan.rules) 2822802 - ProApps TROJAN DiamondFox HTTP Requesting Module (trojan.rules) 2822803 - ProApps TROJAN DiamondFox HTTP POSTing JPEG (trojan.rules) 2822804 - ProApps TROJAN DiamondFox HTTP POST CnC Checkin 2 (trojan.rules) 2822806 - ProApps TROJAN W32.Plugx CnC HTTP Request (trojan.rules) 2822807 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Oct 21 2016 (current_events.rules) 2822808 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M1 Oct 21 2016 (current_events.rules) 2822809 - ProApps CURRENT_EVENTS Successful iTunes Connect Phish M2 Oct 21 2016 (current_events.rules) 2822810 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 21 2016 (current_events.rules) 2822811 - ProApps CURRENT_EVENTS Successful Alibaba Phish Oct 21 2016 (current_events.rules) 2822812 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Oct 21 2016 (current_events.rules) 2822813 - ProApps CURRENT_EVENTS Successful NAB Bank Phish Oct 21 2016 (current_events.rules) 2822814 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-21 1) (trojan.rules) [+++] Modify rules: 137 [+++] 2022535 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2809444 - ProApps EXPLOIT Possible Asus WRT LAN Backdoor Command Execution (exploit.rules) 2811838 - ProApps CURRENT_EVENTS Suspicious Terse HTTP Request to Pastebin (current_events.rules) 2820787 - ProApps TROJAN DiamondFox HTTP POST CnC Response (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Oct 20 17:13:02 2016 [***] [+++] Added rules: 26 [+++] 2403425 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 126 (ciarmy.rules) 2403426 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 127 (ciarmy.rules) 2403427 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 128 (ciarmy.rules) 2403428 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 129 (ciarmy.rules) 2403429 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 130 (ciarmy.rules) 2403430 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 131 (ciarmy.rules) 2403431 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 132 (ciarmy.rules) 2822759 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-19 1) (trojan.rules) 2822760 - ProApps TROJAN Observed AgentTesla Domain Request in SNI via SSL (trojan.rules) 2822761 - ProApps TROJAN DNS Query to Cerber Domain (eventeach . gdn) (trojan.rules) 2822762 - ProApps TROJAN DNS Query to Cerber Domain (gg4dgp . bid) (trojan.rules) 2822763 - ProApps TROJAN DNS Query to Cerber Domain (dsv023 . bid) (trojan.rules) 2822764 - ProApps TROJAN DNS Query to Cerber Domain (uwckha . bid) (trojan.rules) 2822765 - ProApps TROJAN DNS Query to Cerber Domain (metpast . date) (trojan.rules) 2822766 - ProApps TROJAN DNS Query to Cerber Domain (phasetied . pw) (trojan.rules) 2822767 - ProApps TROJAN DNS Query to Cerber Domain (gnuvaw . bid) (trojan.rules) 2822768 - ProApps TROJAN DNS Query to Cerber Domain (shiftany . date) (trojan.rules) 2822769 - ProApps TROJAN DNS Query to Cerber Domain (choiceher . win) (trojan.rules) 2822770 - ProApps TROJAN DNS Query to Cerber Domain (9tftgh . bid) (trojan.rules) 2822771 - ProApps TROJAN Win32/Spdevbot.A CnC SSL Certificate Detected (trojan.rules) 2822772 - ProApps TROJAN MSIL/Zaebalo Checkin (trojan.rules) 2822773 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-20 1) (trojan.rules) 2822774 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-20 2) (trojan.rules) 2822775 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-20 3) (trojan.rules) 2822776 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-20 4) (trojan.rules) 2822777 - ProApps MOBILE_MALWARE Trojan.AndroidOS.AVPass.i Checkin (mobile_malware.rules) [+++] Modify rules: 128 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) 2802841 - ProApps USER_AGENTS Suspicious User-Agent Setup Agent - Likely Malware (user_agents.rules) 2807486 - ProApps TROJAN Worm.Win32/Mamianune.gen spreading via SMTP (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Oct 19 17:35:33 2016 [***] [+++] Added rules: 23 [+++] 2023351 - ProApps WEB_SPECIFIC_APPS User Agent (SQLi Injection / Scanning) (web_specific_apps.rules) 2023352 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Oct 19 2016 (current_events.rules) 2023353 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Oct 19 2016 T2 (current_events.rules) 2822739 - ProApps TROJAN DNS Query to Cerber Domain (2ym6om . bid) (trojan.rules) 2822740 - ProApps TROJAN DNS Query to Cerber Domain (06boy8 . bid) (trojan.rules) 2822741 - ProApps TROJAN DNS Query to Cerber Domain (zmfhjr . top) (trojan.rules) 2822742 - ProApps TROJAN DNS Query to Cerber Domain (holescase . pw) (trojan.rules) 2822743 - ProApps TROJAN DNS Query to Cerber Domain (tankplain . date) (trojan.rules) 2822744 - ProApps TROJAN DNS Query to Cerber Domain (n41n1a . top) (trojan.rules) 2822745 - ProApps TROJAN DNS Query to Cerber Domain (storingus . gdn) (trojan.rules) 2822746 - ProApps TROJAN DNS Query to Cerber Domain (piitem . in) (trojan.rules) 2822747 - ProApps TROJAN DNS Query to Cerber Domain (jvrh8g . bid) (trojan.rules) 2822748 - ProApps TROJAN DNS Query to Cerber Domain (laterugly . win) (trojan.rules) 2822749 - ProApps CURRENT_EVENTS Successful NatWest Bank Phish M1 Oct 19 2016 (current_events.rules) 2822750 - ProApps CURRENT_EVENTS Successful NatWest Bank Phish M2 Oct 19 2016 (current_events.rules) 2822751 - ProApps CURRENT_EVENTS Successful NatWest Bank Phish M3 Oct 19 2016 (current_events.rules) 2822752 - ProApps CURRENT_EVENTS Successful Google Docs Phish M1 Oct 19 2016 (current_events.rules) 2822753 - ProApps CURRENT_EVENTS Successful Google Docs Phish M2 Oct 19 2016 (current_events.rules) 2822754 - ProApps CURRENT_EVENTS Successful NAB Bank Phish M1 Oct 19 2016 (current_events.rules) 2822755 - ProApps CURRENT_EVENTS Successful NAB Bank Phish M2 Oct 19 2016 (current_events.rules) 2822756 - ProApps CURRENT_EVENTS Successful Credit Agricole Bank (FR) Phish M1 Oct 19 2016 (current_events.rules) 2822757 - ProApps CURRENT_EVENTS Successful Credit Agricole Bank (FR) Phish M2 Oct 19 2016 (current_events.rules) 2822758 - ProApps CURRENT_EVENTS Successful Credit Agricole Bank (FR) Phish M3 Oct 19 2016 (current_events.rules) [+++] Modify rules: 1 [+++] 2807777 - ProApps TROJAN Project Hook PoS Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Oct 19 16:14:41 2016 [***] [+++] Added rules: 11 [+++] 2023349 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 106 (trojan.rules) 2023350 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Vawtrak CnC) (trojan.rules) 2822730 - ProApps TROJAN PassCV Win32/TrojanDownloader.VB.NOY CnC Beacon (trojan.rules) 2822731 - ProApps TROJAN PassCV Win32/DyCode.A CnC Beacon (trojan.rules) 2822732 - ProApps TROJAN PassCV Gh0st CnC Beacon (trojan.rules) 2822733 - ProApps TROJAN PassCV Win32/Kitkiot.B CnC Beacon (trojan.rules) 2822734 - ProApps TROJAN Win32/DNtoolz0.BR Checkin (trojan.rules) 2822735 - ProApps TROJAN Known Malicious User-Agent (pb) Possible Win32.ProxyBack or Win32.Htbot.B (trojan.rules) 2822736 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822737 - ProApps TROJAN MSIL/Bladabindi/njRAT Variant CnC Checkin (boolLove) (trojan.rules) 2822738 - ProApps TROJAN MSIL/Exotic CnC Checkin (trojan.rules) [+++] Modify rules: 4 [+++] 2011582 - ProApps POLICY Vulnerable Java Version 1.6.x Detected (policy.rules) 2014297 - ProApps POLICY Vulnerable Java Version 1.7.x Detected (policy.rules) 2019401 - ProApps POLICY Vulnerable Java Version 1.8.x Detected (policy.rules) 2807777 - ProApps TROJAN Variant.Strictor.47231 Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Oct 19 11:55:57 2016 [***] [+++] Added rules: 0 [+++] [+++] Modify rules: 0 [+++] [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Oct 19 11:27:09 2016 [***] [+++] Added rules: 7 [+++] 2403418 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 119 (ciarmy.rules) 2403419 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 120 (ciarmy.rules) 2403420 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 121 (ciarmy.rules) 2403421 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 122 (ciarmy.rules) 2403422 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 123 (ciarmy.rules) 2403423 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 124 (ciarmy.rules) 2403424 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 125 (ciarmy.rules) [+++] Modify rules: 119 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Oct 18 16:52:03 2016 [***] [+++] Added rules: 56 [+++] 2023344 - ProApps TROJAN APT28 DealersChoice.B DNS Lookup (appexsrv .net) (trojan.rules) 2023345 - ProApps TROJAN Win32/CryPy Ransomware CnC Checkin (trojan.rules) 2023346 - ProApps TROJAN Win32/CryPy Ransomware Encrypting File (trojan.rules) 2023347 - ProApps TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL Certificate Detected (Gootkit C2) (trojan.rules) 2023348 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2403403 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 104 (ciarmy.rules) 2403404 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 105 (ciarmy.rules) 2403405 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 106 (ciarmy.rules) 2403406 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 107 (ciarmy.rules) 2403407 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 108 (ciarmy.rules) 2403408 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 109 (ciarmy.rules) 2403409 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 110 (ciarmy.rules) 2403410 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 111 (ciarmy.rules) 2403411 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 112 (ciarmy.rules) 2403412 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 113 (ciarmy.rules) 2403413 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 114 (ciarmy.rules) 2403414 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 115 (ciarmy.rules) 2403415 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 116 (ciarmy.rules) 2403416 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 117 (ciarmy.rules) 2403417 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 118 (ciarmy.rules) 2822694 - ProApps TROJAN Observed Malicious SSL Cert (Zeus Panda) (trojan.rules) 2822695 - ProApps TROJAN MSIL/ApolloHTTP Bot CnC Checkin (trojan.rules) 2822696 - ProApps TROJAN MSIL/ApolloHTTP Bot CnC Keep-Alive (trojan.rules) 2822697 - ProApps CURRENT_EVENTS MalDoc Downloader Retrieving Payload Oct 14 (current_events.rules) 2822698 - ProApps TROJAN DNS Query to Cerber Domain (io9ygi . bid) (trojan.rules) 2822699 - ProApps TROJAN DNS Query to Cerber Domain (tolgens . black) (trojan.rules) 2822700 - ProApps TROJAN DNS Query to Cerber Domain (wheelball . black) (trojan.rules) 2822701 - ProApps TROJAN DNS Query to Cerber Domain (vpsj40 . top) (trojan.rules) 2822702 - ProApps TROJAN DNS Query to Cerber Domain (yoursdoor . lol) (trojan.rules) 2822703 - ProApps TROJAN DNS Query to Cerber Domain (patchmans . gdn) (trojan.rules) 2822704 - ProApps TROJAN DNS Query to Cerber Domain (065ism . bid) (trojan.rules) 2822705 - ProApps TROJAN DNS Query to Cerber Domain (getsbug . kim) (trojan.rules) 2822706 - ProApps TROJAN DNS Query to Cerber Domain (stageend . link) (trojan.rules) 2822707 - ProApps TROJAN DNS Query to Cerber Domain (hotcopies . bid) (trojan.rules) 2822708 - ProApps CURRENT_EVENTS Successful Outlook Phish Oct 18 2016 (current_events.rules) 2822709 - ProApps CURRENT_EVENTS Successful Amazon Phish Oct 18 2016 (current_events.rules) 2822710 - ProApps CURRENT_EVENTS Successful BancoPosta Click Phish Oct 18 2016 (current_events.rules) 2822711 - ProApps CURRENT_EVENTS Successful DHL Phish Oct 18 2016 (current_events.rules) 2822712 - ProApps CURRENT_EVENTS Successful Banco de la Nacion Phish Oct 18 2016 (current_events.rules) 2822713 - ProApps CURRENT_EVENTS Successful Alibaba Phish Oct 18 2016 (current_events.rules) 2822714 - ProApps CURRENT_EVENTS Successful CIMB Clicks Malaysia Phish Oct 18 2016 (current_events.rules) 2822715 - ProApps CURRENT_EVENTS Successful Western Union Phish M1 Oct 18 2016 (current_events.rules) 2822716 - ProApps CURRENT_EVENTS Successful Mobile Western Union Phish M1 Oct 18 2016 (current_events.rules) 2822717 - ProApps CURRENT_EVENTS Successful Western Union Phish M2 Oct 18 2016 (current_events.rules) 2822718 - ProApps CURRENT_EVENTS Successful Mobile Western Union Phish M2 Oct 18 2016 (current_events.rules) 2822719 - ProApps CURRENT_EVENTS Successful WhatsApp Phish M1 Oct 18 2016 (current_events.rules) 2822720 - ProApps CURRENT_EVENTS Successful WhatsApp Phish M2 Oct 18 2016 (current_events.rules) 2822721 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822722 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822723 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2822724 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher SSL CnC Cert (mobile_malware.rules) 2822725 - ProApps CURRENT_EVENTS Successful Amazon Phish Oct 18 2016 (current_events.rules) 2822726 - ProApps CURRENT_EVENTS Successful Chase Phish Oct 18 2016 (current_events.rules) 2822727 - ProApps CURRENT_EVENTS Successful TD Bank Phish M1 Oct 18 2016 (current_events.rules) 2822728 - ProApps CURRENT_EVENTS Successful TD Bank Phish M2 Oct 18 2016 (current_events.rules) 2822729 - ProApps CURRENT_EVENTS Successful Microsoft Live Email Account Phish Oct 18 2016 (current_events.rules) [+++] Modify rules: 113 [+++] 2020611 - ProApps TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 52 (trojan.rules) 2021430 - ProApps CURRENT_EVENTS Possible IE MSMXL Detection of Local SYS (Likely Malicious) (current_events.rules) 2022008 - ProApps TROJAN MWI Maldoc Stats Callout Oct 28 (trojan.rules) 2022535 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex) (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2804112 - ProApps TROJAN Backdoor.Win32.Bifrose User-Agent (Mozilla/4.0 (compatible; MSIE 6.0; Win32) httpbot) (trojan.rules) 2809849 - ProApps TROJAN Cobalt Strike Covert DNS CnC Channel TXT Response (tcp) (trojan.rules) 2809850 - ProApps TROJAN Cobalt Strike Covert DNS CnC Channel TXT Lookup (udp) (trojan.rules) 2809851 - ProApps TROJAN Cobalt Strike Covert DNS CnC Channel TXT Lookup (tcp) (trojan.rules) 2811807 - ProApps TROJAN Win32/Agent.NEJ HTTP Request (hi.baidu.com) (trojan.rules) [+++] Removed rules: 1 [+++] 2822067 - ProApps TROJAN Win32/CryPy Ransomware CnC Checkin (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Oct 17 17:21:46 2016 [***] [+++] Added rules: 274 [+++] 2023342 - ProApps TROJAN Malicious SSL certificate detected (Powershell Trojan) (trojan.rules) 2023343 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK EITest Inject Oct 17 2016 (current_events.rules) 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules) 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules) 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules) 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules) 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules) 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules) 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules) 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules) 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules) 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules) 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules) 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules) 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules) 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules) 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules) 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules) 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules) 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules) 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules) 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules) 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules) 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules) 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules) 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules) 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules) 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules) 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules) 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules) 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules) 2403400 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 101 (ciarmy.rules) 2403401 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 102 (ciarmy.rules) 2403402 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 103 (ciarmy.rules) 2820268 - ProApps TROJAN DNS Query to Cerber Domain (kipfgs65s . com) (trojan.rules) 2820269 - ProApps TROJAN DNS Query to Cerber Domain (fastpaybtc . com) (trojan.rules) 2820284 - ProApps TROJAN DNS Query to Cerber Domain (easypaybtc . com) (trojan.rules) 2820408 - ProApps TROJAN DNS Query to Cerber Domain (tewoaq . win) (trojan.rules) 2820409 - ProApps TROJAN DNS Query to Cerber Domain (red4is . win) (trojan.rules) 2820411 - ProApps TROJAN DNS Query to Cerber Domain (to6maq . win) (trojan.rules) 2820412 - ProApps TROJAN DNS Query to Cerber Domain (maqwe5 . win) (trojan.rules) 2820413 - ProApps TROJAN DNS Query to Cerber Domain (wewiso . win) (trojan.rules) 2820414 - ProApps TROJAN DNS Query to Cerber Domain (nerti5 . win) (trojan.rules) 2820415 - ProApps TROJAN DNS Query to Cerber Domain (raress . win) (trojan.rules) 2820416 - ProApps TROJAN DNS Query to Cerber Domain (workju . win) (trojan.rules) 2820417 - ProApps TROJAN DNS Query to Cerber Domain (wet4io . win) (trojan.rules) 2820418 - ProApps TROJAN DNS Query to Cerber Domain (mix3hi . win) (trojan.rules) 2820419 - ProApps TROJAN DNS Query to Cerber Domain (oneswi . win) (trojan.rules) 2820420 - ProApps TROJAN DNS Query to Cerber Domain (lib2vi . win) (trojan.rules) 2820421 - ProApps TROJAN DNS Query to Cerber Domain (tigifc . win) (trojan.rules) 2820422 - ProApps TROJAN DNS Query to Cerber Domain (ti4wic . win) (trojan.rules) 2820423 - ProApps TROJAN DNS Query to Cerber Domain (amdeu5 . win) (trojan.rules) 2820424 - ProApps TROJAN DNS Query to Cerber Domain (moneu5 . win) (trojan.rules) 2820425 - ProApps TROJAN DNS Query to Cerber Domain (m5gid4 . win) (trojan.rules) 2820426 - ProApps TROJAN DNS Query to Cerber Domain (m5fgoi . win) (trojan.rules) 2820427 - ProApps TROJAN DNS Query to Cerber Domain (wins4n . win) (trojan.rules) 2820428 - ProApps TROJAN DNS Query to Cerber Domain (m5gips . win) (trojan.rules) 2820496 - ProApps TROJAN DNS Query to Cerber Domain (azwsxe . win) (trojan.rules) 2820497 - ProApps TROJAN DNS Query to Cerber Domain (xzcfr4 . win) (trojan.rules) 2820498 - ProApps TROJAN DNS Query to Cerber Domain (asd3r3 . win) (trojan.rules) 2820499 - ProApps TROJAN DNS Query to Cerber Domain (fgfid6 . win) (trojan.rules) 2820500 - ProApps TROJAN DNS Query to Cerber Domain (werti4 . win) (trojan.rules) 2820501 - ProApps TROJAN DNS Query to Cerber Domain (azlto5 . win) (trojan.rules) 2820502 - ProApps TROJAN DNS Query to Cerber Domain (sdfiso . win) (trojan.rules) 2820503 - ProApps TROJAN DNS Query to Cerber Domain (ad34ft . win) (trojan.rules) 2820504 - ProApps TROJAN DNS Query to Cerber Domain (asxce4 . win) (trojan.rules) 2820505 - ProApps TROJAN DNS Query to Cerber Domain (sims6n . win) (trojan.rules) 2820507 - ProApps TROJAN DNS Query to Cerber Domain (45kgok . win) (trojan.rules) 2820716 - ProApps TROJAN DNS Query to Cerber Domain (lfotp5 . win) (trojan.rules) 2820717 - ProApps TROJAN DNS Query to Cerber Domain (6oifgr . win) (trojan.rules) 2820718 - ProApps TROJAN DNS Query to Cerber Domain (zx34jk . win) (trojan.rules) 2820720 - ProApps TROJAN DNS Query to Cerber Domain (xo59ok . win) (trojan.rules) 2820721 - ProApps TROJAN DNS Query to Cerber Domain (rt4e34 . win) (trojan.rules) 2820722 - ProApps TROJAN DNS Query to Cerber Domain (as13fd . win) (trojan.rules) 2820723 - ProApps TROJAN DNS Query to Cerber Domain (xlfp45 . win) (trojan.rules) 2820724 - ProApps TROJAN DNS Query to Cerber Domain (xltnet . win) (trojan.rules) 2820725 - ProApps TROJAN DNS Query to Cerber Domain (ret5kr . win) (trojan.rules) 2820726 - ProApps TROJAN DNS Query to Cerber Domain (xmfhr6 . win) (trojan.rules) 2820729 - ProApps TROJAN DNS Query to Cerber Domain (slr849 . win) (trojan.rules) 2820730 - ProApps TROJAN DNS Query to Cerber Domain (zgf48j . win) (trojan.rules) 2820818 - ProApps TROJAN DNS Query to Cerber Domain (dkrti5 . win) (trojan.rules) 2820819 - ProApps TROJAN DNS Query to Cerber Domain (vmfu48 . win) (trojan.rules) 2820820 - ProApps TROJAN DNS Query to Cerber Domain (gkfit9 . win) (trojan.rules) 2820821 - ProApps TROJAN DNS Query to Cerber Domain (cneo59 . win) (trojan.rules) 2820823 - ProApps TROJAN DNS Query to Cerber Domain (xmfir0 . win) (trojan.rules) 2820865 - ProApps TROJAN DNS Query to Cerber Domain (305iot . win) (trojan.rules) 2820866 - ProApps TROJAN DNS Query to Cerber Domain (djre89 . win) (trojan.rules) 2820867 - ProApps TROJAN DNS Query to Cerber Domain (fkri48 . win) (trojan.rules) 2820869 - ProApps TROJAN DNS Query to Cerber Domain (xmfjr7 . top) (trojan.rules) 2821007 - ProApps TROJAN DNS Query to Cerber Domain (xtrvb4 . win) (trojan.rules) 2821008 - ProApps TROJAN DNS Query to Cerber Domain (ie7t8k . top) (trojan.rules) 2821010 - ProApps TROJAN DNS Query to Cerber Domain (alri58 . win) (trojan.rules) 2821013 - ProApps TROJAN DNS Query to Cerber Domain (fkgrie . top) (trojan.rules) 2821047 - ProApps TROJAN DNS Query to Cerber Domain (5kti58 . top) (trojan.rules) 2821048 - ProApps TROJAN DNS Query to Cerber Domain (xmfkr8 . top) (trojan.rules) 2821049 - ProApps TROJAN DNS Query to Cerber Domain (to6maq . top) (trojan.rules) 2821050 - ProApps TROJAN DNS Query to Cerber Domain (vmfur5 . top) (trojan.rules) 2821051 - ProApps TROJAN DNS Query to Cerber Domain (lfotp5 . top) (trojan.rules) 2821052 - ProApps TROJAN DNS Query to Cerber Domain (we34re . top) (trojan.rules) 2821108 - ProApps TROJAN DNS Query to Cerber Domain (adevf4 . win) (trojan.rules) 2821112 - ProApps TROJAN DNS Query to Cerber Domain (fgfid6 . top) (trojan.rules) 2821113 - ProApps TROJAN DNS Query to Cerber Domain (fkr84i . win) (trojan.rules) 2821114 - ProApps TROJAN DNS Query to Cerber Domain (45gf4t . win) (trojan.rules) 2821151 - ProApps TROJAN DNS Query to Cerber Domain (cmti5o . win) (trojan.rules) 2821214 - ProApps TROJAN DNS Query to Cerber Domain (asd3r3 . top) (trojan.rules) 2821217 - ProApps TROJAN DNS Query to Cerber Domain (bestfordownload . click) (trojan.rules) 2821218 - ProApps TROJAN DNS Query to Cerber Domain (6ogy3i . top) (trojan.rules) 2821220 - ProApps TROJAN DNS Query to Cerber Domain (7jiff7 . top) (trojan.rules) 2821221 - ProApps TROJAN DNS Query to Cerber Domain (o08a6d . top) (trojan.rules) 2821222 - ProApps TROJAN DNS Query to Cerber Domain (k7oud1 . top) (trojan.rules) 2821223 - ProApps TROJAN DNS Query to Cerber Domain (gletterstan . trade) (trojan.rules) 2821224 - ProApps TROJAN DNS Query to Cerber Domain (j92msu . top) (trojan.rules) 2821239 - ProApps TROJAN DNS Query to Cerber Domain (g0ots2 . top) (trojan.rules) 2821241 - ProApps TROJAN DNS Query to Cerber Domain (wer56t . top) (trojan.rules) 2821242 - ProApps TROJAN DNS Query to Cerber Domain (kml2o2 . top) (trojan.rules) 2821243 - ProApps TROJAN DNS Query to Cerber Domain (ka0te8 . top) (trojan.rules) 2821246 - ProApps TROJAN DNS Query to Cerber Domain (moonsides . faith) (trojan.rules) 2821249 - ProApps TROJAN DNS Query to Cerber Domain (9nj8ex . top) (trojan.rules) 2821254 - ProApps TROJAN DNS Query to Cerber Domain (bigfooters . loan) (trojan.rules) 2821255 - ProApps TROJAN DNS Query to Cerber Domain (c7ex9n . top) (trojan.rules) 2821256 - ProApps TROJAN DNS Query to Cerber Domain (viceled . pw) (trojan.rules) 2821257 - ProApps TROJAN DNS Query to Cerber Domain (ujtwhg . top) (trojan.rules) 2821258 - ProApps TROJAN DNS Query to Cerber Domain (9ildst . top) (trojan.rules) 2821260 - ProApps TROJAN DNS Query to Cerber Domain (marksgain . kim) (trojan.rules) 2821261 - ProApps TROJAN DNS Query to Cerber Domain (ep493u . top) (trojan.rules) 2821262 - ProApps TROJAN DNS Query to Cerber Domain (nameuser . site) (trojan.rules) 2821263 - ProApps TROJAN DNS Query to Cerber Domain (fgkr56 . top) (trojan.rules) 2821266 - ProApps TROJAN DNS Query to Cerber Domain (p2lsgr . top) (trojan.rules) 2821267 - ProApps TROJAN DNS Query to Cerber Domain (o2dval . top) (trojan.rules) 2821268 - ProApps TROJAN DNS Query to Cerber Domain (chargecar . vip) (trojan.rules) 2821269 - ProApps TROJAN DNS Query to Cerber Domain (cmri58 . top) (trojan.rules) 2821270 - ProApps TROJAN DNS Query to Cerber Domain (p8rruv . top) (trojan.rules) 2821272 - ProApps TROJAN DNS Query to Cerber Domain (xkfi59 . top) (trojan.rules) 2821273 - ProApps TROJAN DNS Query to Cerber Domain (x1kofw . top) (trojan.rules) 2821275 - ProApps TROJAN DNS Query to Cerber Domain (58na23 . top) (trojan.rules) 2821276 - ProApps TROJAN DNS Query to Cerber Domain (zclw5i . top) (trojan.rules) 2821278 - ProApps TROJAN DNS Query to Cerber Domain (5b1s82 . top) (trojan.rules) 2821279 - ProApps TROJAN DNS Query to Cerber Domain (hasterlyston . cloud) (trojan.rules) 2821281 - ProApps TROJAN DNS Query to Cerber Domain (xmfru5 . top) (trojan.rules) 2821282 - ProApps TROJAN DNS Query to Cerber Domain (laverhants . link) (trojan.rules) 2821283 - ProApps TROJAN DNS Query to Cerber Domain (kcufx4 . top) (trojan.rules) 2821284 - ProApps TROJAN DNS Query to Cerber Domain (0225r5 . top) (trojan.rules) 2821285 - ProApps TROJAN DNS Query to Cerber Domain (lk0bzc . top) (trojan.rules) 2821286 - ProApps TROJAN DNS Query to Cerber Domain (hlu8yz . top) (trojan.rules) 2821288 - ProApps TROJAN DNS Query to Cerber Domain (azwsxe . top) (trojan.rules) 2821291 - ProApps TROJAN DNS Query to Cerber Domain (thyx30 . top) (trojan.rules) 2821293 - ProApps TROJAN DNS Query to Cerber Domain (grewmarks . vip) (trojan.rules) 2821294 - ProApps TROJAN DNS Query to Cerber Domain (4oti58 . top) (trojan.rules) 2821295 - ProApps TROJAN DNS Query to Cerber Domain (3lhjyx . top) (trojan.rules) 2821296 - ProApps TROJAN DNS Query to Cerber Domain (mtxtul . top) (trojan.rules) 2821298 - ProApps TROJAN DNS Query to Cerber Domain (092vu8 . top) (trojan.rules) 2821299 - ProApps TROJAN DNS Query to Cerber Domain (b7mciu . top) (trojan.rules) 2821301 - ProApps TROJAN DNS Query to Cerber Domain (self56 . top) (trojan.rules) 2821302 - ProApps TROJAN DNS Query to Cerber Domain (sentowing . trade) (trojan.rules) 2821303 - ProApps TROJAN DNS Query to Cerber Domain (yv7l4b . top) (trojan.rules) 2821304 - ProApps TROJAN DNS Query to Cerber Domain (freshsdog . loan) (trojan.rules) 2821306 - ProApps TROJAN DNS Query to Cerber Domain (pap44w . top) (trojan.rules) 2821307 - ProApps TROJAN DNS Query to Cerber Domain (frn62e . top) (trojan.rules) 2821428 - ProApps TROJAN DNS Query to Cerber Domain (0vgu64 . top) (trojan.rules) 2821429 - ProApps TROJAN DNS Query to Cerber Domain (143h2a . top) (trojan.rules) 2821430 - ProApps TROJAN DNS Query to Cerber Domain (1bipa9 . top) (trojan.rules) 2821431 - ProApps TROJAN DNS Query to Cerber Domain (1de02r . top) (trojan.rules) 2821434 - ProApps TROJAN DNS Query to Cerber Domain (308an1 . top) (trojan.rules) 2821437 - ProApps TROJAN DNS Query to Cerber Domain (3odvfb . top) (trojan.rules) 2821438 - ProApps TROJAN DNS Query to Cerber Domain (43wjor . top) (trojan.rules) 2821439 - ProApps TROJAN DNS Query to Cerber Domain (4ynpjd . top) (trojan.rules) 2821441 - ProApps TROJAN DNS Query to Cerber Domain (67j6ht . top) (trojan.rules) 2821445 - ProApps TROJAN DNS Query to Cerber Domain (ageshere . club) (trojan.rules) 2821446 - ProApps TROJAN DNS Query to Cerber Domain (anypicked . red) (trojan.rules) 2821451 - ProApps TROJAN DNS Query to Cerber Domain (apwzbe . top) (trojan.rules) 2821453 - ProApps TROJAN DNS Query to Cerber Domain (aredark . mobi) (trojan.rules) 2821454 - ProApps TROJAN DNS Query to Cerber Domain (barberryshin . casa) (trojan.rules) 2821455 - ProApps TROJAN DNS Query to Cerber Domain (biologyup . date) (trojan.rules) 2821456 - ProApps TROJAN DNS Query to Cerber Domain (bnctf6 . top) (trojan.rules) 2821457 - ProApps TROJAN DNS Query to Cerber Domain (bookjumps . us) (trojan.rules) 2821458 - ProApps TROJAN DNS Query to Cerber Domain (boxsame . kim) (trojan.rules) 2821460 - ProApps TROJAN DNS Query to Cerber Domain (clockhate . loan) (trojan.rules) 2821461 - ProApps TROJAN DNS Query to Cerber Domain (costlady . pw) (trojan.rules) 2821462 - ProApps TROJAN DNS Query to Cerber Domain (crispkey . mobi) (trojan.rules) 2821465 - ProApps TROJAN DNS Query to Cerber Domain (dd4xo3 . top) (trojan.rules) 2821466 - ProApps TROJAN DNS Query to Cerber Domain (dkrie7 . top) (trojan.rules) 2821467 - ProApps TROJAN DNS Query to Cerber Domain (dkro3u . top) (trojan.rules) 2821468 - ProApps TROJAN DNS Query to Cerber Domain (doggain . mobi) (trojan.rules) 2821469 - ProApps TROJAN DNS Query to Cerber Domain (dozensby . loan) (trojan.rules) 2821470 - ProApps TROJAN DNS Query to Cerber Domain (eatsdeal . black) (trojan.rules) 2821480 - ProApps TROJAN DNS Query to Cerber Domain (fewbreaks . club) (trojan.rules) 2821481 - ProApps TROJAN DNS Query to Cerber Domain (fishtotal . bid) (trojan.rules) 2821482 - ProApps TROJAN DNS Query to Cerber Domain (flewleast . link) (trojan.rules) 2821483 - ProApps TROJAN DNS Query to Cerber Domain (flyingsix . red) (trojan.rules) 2821484 - ProApps TROJAN DNS Query to Cerber Domain (folkturns . date) (trojan.rules) 2821485 - ProApps TROJAN DNS Query to Cerber Domain (g9tneb . top) (trojan.rules) 2821486 - ProApps TROJAN DNS Query to Cerber Domain (gameswarm . loan) (trojan.rules) 2821488 - ProApps TROJAN DNS Query to Cerber Domain (gnee6i . top) (trojan.rules) 2821489 - ProApps TROJAN DNS Query to Cerber Domain (gonesolve . lol) (trojan.rules) 2821490 - ProApps TROJAN DNS Query to Cerber Domain (gpy3tc . top) (trojan.rules) 2821491 - ProApps TROJAN DNS Query to Cerber Domain (groupline . info) (trojan.rules) 2821492 - ProApps TROJAN DNS Query to Cerber Domain (gtnfgj . top) (trojan.rules) 2821493 - ProApps TROJAN DNS Query to Cerber Domain (hf60kb . top) (trojan.rules) 2821494 - ProApps TROJAN DNS Query to Cerber Domain (hw7o9w . top) (trojan.rules) 2821495 - ProApps TROJAN DNS Query to Cerber Domain (iixz3g . top) (trojan.rules) 2821496 - ProApps TROJAN DNS Query to Cerber Domain (innerband . lol) (trojan.rules) 2821497 - ProApps TROJAN DNS Query to Cerber Domain (jn8ncm . top) (trojan.rules) 2821498 - ProApps TROJAN DNS Query to Cerber Domain (jumplived . in) (trojan.rules) 2821500 - ProApps TROJAN DNS Query to Cerber Domain (knowhands . us) (trojan.rules) 2821501 - ProApps TROJAN DNS Query to Cerber Domain (kswcuk . top) (trojan.rules) 2821503 - ProApps TROJAN DNS Query to Cerber Domain (liescale . in) (trojan.rules) 2821504 - ProApps TROJAN DNS Query to Cerber Domain (lorrydo . lol) (trojan.rules) 2821506 - ProApps TROJAN DNS Query to Cerber Domain (metmet . win) (trojan.rules) 2821507 - ProApps TROJAN DNS Query to Cerber Domain (mileslook . pro) (trojan.rules) 2821508 - ProApps TROJAN DNS Query to Cerber Domain (msu96b . top) (trojan.rules) 2821510 - ProApps TROJAN DNS Query to Cerber Domain (nearlybut . us) (trojan.rules) 2821511 - ProApps TROJAN DNS Query to Cerber Domain (needmight . win) (trojan.rules) 2821512 - ProApps TROJAN DNS Query to Cerber Domain (nextask . loan) (trojan.rules) 2821513 - ProApps TROJAN DNS Query to Cerber Domain (nfgpeb . top) (trojan.rules) 2821514 - ProApps TROJAN DNS Query to Cerber Domain (ninedraws . black) (trojan.rules) 2821515 - ProApps TROJAN DNS Query to Cerber Domain (nowants . pw) (trojan.rules) 2821516 - ProApps TROJAN DNS Query to Cerber Domain (og5ezh . top) (trojan.rules) 2821517 - ProApps TROJAN DNS Query to Cerber Domain (plambers . bid) (trojan.rules) 2821518 - ProApps TROJAN DNS Query to Cerber Domain (plotbet . gdn) (trojan.rules) 2821519 - ProApps TROJAN DNS Query to Cerber Domain (powersno . link) (trojan.rules) 2821532 - ProApps TROJAN DNS Query to Cerber Domain (redefined . click) (trojan.rules) 2821533 - ProApps TROJAN DNS Query to Cerber Domain (relyleafs . click) (trojan.rules) 2821534 - ProApps TROJAN DNS Query to Cerber Domain (ridsimply . top) (trojan.rules) 2821535 - ProApps TROJAN DNS Query to Cerber Domain (rl0bdw . top) (trojan.rules) 2821537 - ProApps TROJAN DNS Query to Cerber Domain (sayssales . bid) (trojan.rules) 2821538 - ProApps TROJAN DNS Query to Cerber Domain (seenmust . pro) (trojan.rules) 2821539 - ProApps TROJAN DNS Query to Cerber Domain (sk8r54 . top) (trojan.rules) 2821540 - ProApps TROJAN DNS Query to Cerber Domain (ssd5gt . top) (trojan.rules) 2821541 - ProApps TROJAN DNS Query to Cerber Domain (stopsage . gdn) (trojan.rules) 2821542 - ProApps TROJAN DNS Query to Cerber Domain (thanreal . link) (trojan.rules) 2821543 - ProApps TROJAN DNS Query to Cerber Domain (themevery . win) (trojan.rules) 2821544 - ProApps TROJAN DNS Query to Cerber Domain (topicside . club) (trojan.rules) 2821545 - ProApps TROJAN DNS Query to Cerber Domain (v11z5e . top) (trojan.rules) 2821546 - ProApps TROJAN DNS Query to Cerber Domain (variedtax . kim) (trojan.rules) 2821547 - ProApps TROJAN DNS Query to Cerber Domain (vkm4l6 . top) (trojan.rules) 2821550 - ProApps TROJAN DNS Query to Cerber Domain (wonrough . in) (trojan.rules) 2821551 - ProApps TROJAN DNS Query to Cerber Domain (worsemine . pro) (trojan.rules) 2821552 - ProApps TROJAN DNS Query to Cerber Domain (wz139z . top) (trojan.rules) 2821554 - ProApps TROJAN DNS Query to Cerber Domain (y721yz . top) (trojan.rules) 2821556 - ProApps TROJAN DNS Query to Cerber Domain (z7ud98 . top) (trojan.rules) 2822660 - ProApps TROJAN Malicious SSL certificate detected (Gootkit CnC) (trojan.rules) 2822661 - ProApps CURRENT_EVENTS Successful Alibaba Phish M1 Oct 17 2016 (current_events.rules) 2822662 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 17 2016 (current_events.rules) 2822663 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Oct 17 2016 (current_events.rules) 2822664 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 17 2016 (current_events.rules) 2822665 - ProApps CURRENT_EVENTS Successful Amazon (UK) Phish Phish Oct 17 2016 (current_events.rules) 2822666 - ProApps CURRENT_EVENTS Successful Visa Online Phish Oct 17 2016 (current_events.rules) 2822667 - ProApps CURRENT_EVENTS Successful Alibaba Phish M2 Oct 17 2016 (current_events.rules) 2822668 - ProApps CURRENT_EVENTS Successful Apple Phish Oct 17 2016 (current_events.rules) 2822669 - ProApps CURRENT_EVENTS Successful Chase Phish M1 Oct 17 2016 (current_events.rules) 2822670 - ProApps CURRENT_EVENTS Successful Chase Phish M2 Oct 17 2016 (current_events.rules) 2822671 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 17 (current_events.rules) 2822672 - ProApps TROJAN Unknown Backdoor Client Checkin (trojan.rules) 2822673 - ProApps TROJAN DNS Query to Cerber Domain (kb6051 . bid) (trojan.rules) 2822674 - ProApps TROJAN DNS Query to Cerber Domain (oldboxs . red) (trojan.rules) 2822675 - ProApps TROJAN DNS Query to Cerber Domain (hhc366 . bid) (trojan.rules) 2822676 - ProApps TROJAN DNS Query to Cerber Domain (ev99ln . bid) (trojan.rules) 2822677 - ProApps TROJAN DNS Query to Cerber Domain (homehuge . top) (trojan.rules) 2822678 - ProApps TROJAN DNS Query to Cerber Domain (flowpoint . black) (trojan.rules) 2822679 - ProApps TROJAN DNS Query to Cerber Domain (onlyprove . top) (trojan.rules) 2822680 - ProApps TROJAN DNS Query to Cerber Domain (uwckha . top) (trojan.rules) 2822681 - ProApps TROJAN DNS Query to Cerber Domain (249isv . bid) (trojan.rules) 2822682 - ProApps TROJAN DNS Query to Cerber Domain (pfija1 . bid) (trojan.rules) 2822683 - ProApps TROJAN MSIL/Exotic Ransomware Image Request (trojan.rules) 2822684 - ProApps MALWARE MalwareProtectionLive PUP Activity (malware.rules) 2822685 - ProApps TROJAN TheTrick Banking Trojan Affiliate Download (trojan.rules) 2822686 - ProApps TROJAN Win32/Etumbot.G CnC SSL Certificate Detected (trojan.rules) 2822687 - ProApps TROJAN Win32/Nagram/Rakhni Dropping RAR (trojan.rules) 2822688 - ProApps CURRENT_EVENTS SunDown EK Payload Oct 17 2016 (current_events.rules) 2822689 - ProApps CURRENT_EVENTS SunDown EK Payload Oct 17 2016 M2 (current_events.rules) 2822690 - ProApps CURRENT_EVENTS Bizarro SunDown EK Flash Exploit Oct 17 2016 (current_events.rules) 2822691 - ProApps TROJAN Unknown Potentially Malicious Traffic 1 (trojan.rules) 2822692 - ProApps TROJAN Potentially Malicious Traffic 2 (trojan.rules) 2822693 - ProApps TROJAN Potentially Malicious Traffic 3 (trojan.rules) [+++] Modify rules: 108 [+++] 2022217 - ProApps CURRENT_EVENTS Successful Google Drive Phish Sept 1 M1 (current_events.rules) 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules) [+++] Removed rules: 209 [+++] 2023339 - ProApps TROJAN Unknown Potentially Malicious Traffic 1 (trojan.rules) 2023340 - ProApps TROJAN Unknown Potentially Malicious Traffic 2 (trojan.rules) 2023341 - ProApps TROJAN Unknown Potentially Malicious Traffic 3 (trojan.rules) 2820268 - ProApps EXPLOIT DNS Query to Cerber Domain (kipfgs65s . com) (exploit.rules) 2820269 - ProApps EXPLOIT DNS Query to Cerber Domain (fastpaybtc . com) (exploit.rules) 2820284 - ProApps EXPLOIT DNS Query to Cerber Domain (easypaybtc . com) (exploit.rules) 2820408 - ProApps EXPLOIT DNS Query to Cerber Domain (tewoaq . win) (exploit.rules) 2820409 - ProApps EXPLOIT DNS Query to Cerber Domain (red4is . win) (exploit.rules) 2820411 - ProApps EXPLOIT DNS Query to Cerber Domain (to6maq . win) (exploit.rules) 2820412 - ProApps EXPLOIT DNS Query to Cerber Domain (maqwe5 . win) (exploit.rules) 2820413 - ProApps EXPLOIT DNS Query to Cerber Domain (wewiso . win) (exploit.rules) 2820414 - ProApps EXPLOIT DNS Query to Cerber Domain (nerti5 . win) (exploit.rules) 2820415 - ProApps EXPLOIT DNS Query to Cerber Domain (raress . win) (exploit.rules) 2820416 - ProApps EXPLOIT DNS Query to Cerber Domain (workju . win) (exploit.rules) 2820417 - ProApps EXPLOIT DNS Query to Cerber Domain (wet4io . win) (exploit.rules) 2820418 - ProApps EXPLOIT DNS Query to Cerber Domain (mix3hi . win) (exploit.rules) 2820419 - ProApps EXPLOIT DNS Query to Cerber Domain (oneswi . win) (exploit.rules) 2820420 - ProApps EXPLOIT DNS Query to Cerber Domain (lib2vi . win) (exploit.rules) 2820421 - ProApps EXPLOIT DNS Query to Cerber Domain (tigifc . win) (exploit.rules) 2820422 - ProApps EXPLOIT DNS Query to Cerber Domain (ti4wic . win) (exploit.rules) 2820423 - ProApps EXPLOIT DNS Query to Cerber Domain (amdeu5 . win) (exploit.rules) 2820424 - ProApps EXPLOIT DNS Query to Cerber Domain (moneu5 . win) (exploit.rules) 2820425 - ProApps EXPLOIT DNS Query to Cerber Domain (m5gid4 . win) (exploit.rules) 2820426 - ProApps EXPLOIT DNS Query to Cerber Domain (m5fgoi . win) (exploit.rules) 2820427 - ProApps EXPLOIT DNS Query to Cerber Domain (wins4n . win) (exploit.rules) 2820428 - ProApps EXPLOIT DNS Query to Cerber Domain (m5gips . win) (exploit.rules) 2820496 - ProApps EXPLOIT DNS Query to Cerber Domain (azwsxe . win) (exploit.rules) 2820497 - ProApps EXPLOIT DNS Query to Cerber Domain (xzcfr4 . win) (exploit.rules) 2820498 - ProApps EXPLOIT DNS Query to Cerber Domain (asd3r3 . win) (exploit.rules) 2820499 - ProApps EXPLOIT DNS Query to Cerber Domain (fgfid6 . win) (exploit.rules) 2820500 - ProApps EXPLOIT DNS Query to Cerber Domain (werti4 . win) (exploit.rules) 2820501 - ProApps EXPLOIT DNS Query to Cerber Domain (azlto5 . win) (exploit.rules) 2820502 - ProApps EXPLOIT DNS Query to Cerber Domain (sdfiso . win) (exploit.rules) 2820503 - ProApps EXPLOIT DNS Query to Cerber Domain (ad34ft . win) (exploit.rules) 2820504 - ProApps EXPLOIT DNS Query to Cerber Domain (asxce4 . win) (exploit.rules) 2820505 - ProApps EXPLOIT DNS Query to Cerber Domain (sims6n . win) (exploit.rules) 2820507 - ProApps EXPLOIT DNS Query to Cerber Domain (45kgok . win) (exploit.rules) 2820716 - ProApps EXPLOIT DNS Query to Cerber Domain (lfotp5 . win) (exploit.rules) 2820717 - ProApps EXPLOIT DNS Query to Cerber Domain (6oifgr . win) (exploit.rules) 2820718 - ProApps EXPLOIT DNS Query to Cerber Domain (zx34jk . win) (exploit.rules) 2820720 - ProApps EXPLOIT DNS Query to Cerber Domain (xo59ok . win) (exploit.rules) 2820721 - ProApps EXPLOIT DNS Query to Cerber Domain (rt4e34 . win) (exploit.rules) 2820722 - ProApps EXPLOIT DNS Query to Cerber Domain (as13fd . win) (exploit.rules) 2820723 - ProApps EXPLOIT DNS Query to Cerber Domain (xlfp45 . win) (exploit.rules) 2820724 - ProApps EXPLOIT DNS Query to Cerber Domain (xltnet . win) (exploit.rules) 2820725 - ProApps EXPLOIT DNS Query to Cerber Domain (ret5kr . win) (exploit.rules) 2820726 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfhr6 . win) (exploit.rules) 2820729 - ProApps EXPLOIT DNS Query to Cerber Domain (slr849 . win) (exploit.rules) 2820730 - ProApps EXPLOIT DNS Query to Cerber Domain (zgf48j . win) (exploit.rules) 2820818 - ProApps EXPLOIT DNS Query to Cerber Domain (dkrti5 . win) (exploit.rules) 2820819 - ProApps EXPLOIT DNS Query to Cerber Domain (vmfu48 . win) (exploit.rules) 2820820 - ProApps EXPLOIT DNS Query to Cerber Domain (gkfit9 . win) (exploit.rules) 2820821 - ProApps EXPLOIT DNS Query to Cerber Domain (cneo59 . win) (exploit.rules) 2820823 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfir0 . win) (exploit.rules) 2820865 - ProApps EXPLOIT DNS Query to Cerber Domain (305iot . win) (exploit.rules) 2820866 - ProApps EXPLOIT DNS Query to Cerber Domain (djre89 . win) (exploit.rules) 2820867 - ProApps EXPLOIT DNS Query to Cerber Domain (fkri48 . win) (exploit.rules) 2820869 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfjr7 . top) (exploit.rules) 2821007 - ProApps EXPLOIT DNS Query to Cerber Domain (xtrvb4 . win) (exploit.rules) 2821008 - ProApps EXPLOIT DNS Query to Cerber Domain (ie7t8k . top) (exploit.rules) 2821010 - ProApps EXPLOIT DNS Query to Cerber Domain (alri58 . win) (exploit.rules) 2821013 - ProApps EXPLOIT DNS Query to Cerber Domain (fkgrie . top) (exploit.rules) 2821047 - ProApps EXPLOIT DNS Query to Cerber Domain (5kti58 . top) (exploit.rules) 2821048 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfkr8 . top) (exploit.rules) 2821049 - ProApps EXPLOIT DNS Query to Cerber Domain (to6maq . top) (exploit.rules) 2821050 - ProApps EXPLOIT DNS Query to Cerber Domain (vmfur5 . top) (exploit.rules) 2821051 - ProApps EXPLOIT DNS Query to Cerber Domain (lfotp5 . top) (exploit.rules) 2821052 - ProApps EXPLOIT DNS Query to Cerber Domain (we34re . top) (exploit.rules) 2821108 - ProApps EXPLOIT DNS Query to Cerber Domain (adevf4 . win) (exploit.rules) 2821112 - ProApps EXPLOIT DNS Query to Cerber Domain (fgfid6 . top) (exploit.rules) 2821113 - ProApps EXPLOIT DNS Query to Cerber Domain (fkr84i . win) (exploit.rules) 2821114 - ProApps EXPLOIT DNS Query to Cerber Domain (45gf4t . win) (exploit.rules) 2821151 - ProApps EXPLOIT DNS Query to Cerber Domain (cmti5o . win) (exploit.rules) 2821214 - ProApps EXPLOIT DNS Query to Cerber Domain (asd3r3 . top) (exploit.rules) 2821217 - ProApps EXPLOIT DNS Query to Cerber Domain (bestfordownload . click) (exploit.rules) 2821218 - ProApps EXPLOIT DNS Query to Cerber Domain (6ogy3i . top) (exploit.rules) 2821220 - ProApps EXPLOIT DNS Query to Cerber Domain (7jiff7 . top) (exploit.rules) 2821221 - ProApps EXPLOIT DNS Query to Cerber Domain (o08a6d . top) (exploit.rules) 2821222 - ProApps EXPLOIT DNS Query to Cerber Domain (k7oud1 . top) (exploit.rules) 2821223 - ProApps EXPLOIT DNS Query to Cerber Domain (gletterstan . trade) (exploit.rules) 2821224 - ProApps EXPLOIT DNS Query to Cerber Domain (j92msu . top) (exploit.rules) 2821239 - ProApps EXPLOIT DNS Query to Cerber Domain (g0ots2 . top) (exploit.rules) 2821241 - ProApps EXPLOIT DNS Query to Cerber Domain (wer56t . top) (exploit.rules) 2821242 - ProApps EXPLOIT DNS Query to Cerber Domain (kml2o2 . top) (exploit.rules) 2821243 - ProApps EXPLOIT DNS Query to Cerber Domain (ka0te8 . top) (exploit.rules) 2821246 - ProApps EXPLOIT DNS Query to Cerber Domain (moonsides . faith) (exploit.rules) 2821249 - ProApps EXPLOIT DNS Query to Cerber Domain (9nj8ex . top) (exploit.rules) 2821254 - ProApps EXPLOIT DNS Query to Cerber Domain (bigfooters . loan) (exploit.rules) 2821255 - ProApps EXPLOIT DNS Query to Cerber Domain (c7ex9n . top) (exploit.rules) 2821256 - ProApps EXPLOIT DNS Query to Cerber Domain (viceled . pw) (exploit.rules) 2821257 - ProApps EXPLOIT DNS Query to Cerber Domain (ujtwhg . top) (exploit.rules) 2821258 - ProApps EXPLOIT DNS Query to Cerber Domain (9ildst . top) (exploit.rules) 2821260 - ProApps EXPLOIT DNS Query to Cerber Domain (marksgain . kim) (exploit.rules) 2821261 - ProApps EXPLOIT DNS Query to Cerber Domain (ep493u . top) (exploit.rules) 2821262 - ProApps EXPLOIT DNS Query to Cerber Domain (nameuser . site) (exploit.rules) 2821263 - ProApps EXPLOIT DNS Query to Cerber Domain (fgkr56 . top) (exploit.rules) 2821266 - ProApps EXPLOIT DNS Query to Cerber Domain (p2lsgr . top) (exploit.rules) 2821267 - ProApps EXPLOIT DNS Query to Cerber Domain (o2dval . top) (exploit.rules) 2821268 - ProApps EXPLOIT DNS Query to Cerber Domain (chargecar . vip) (exploit.rules) 2821269 - ProApps EXPLOIT DNS Query to Cerber Domain (cmri58 . top) (exploit.rules) 2821270 - ProApps EXPLOIT DNS Query to Cerber Domain (p8rruv . top) (exploit.rules) 2821272 - ProApps EXPLOIT DNS Query to Cerber Domain (xkfi59 . top) (exploit.rules) 2821273 - ProApps EXPLOIT DNS Query to Cerber Domain (x1kofw . top) (exploit.rules) 2821275 - ProApps EXPLOIT DNS Query to Cerber Domain (58na23 . top) (exploit.rules) 2821276 - ProApps EXPLOIT DNS Query to Cerber Domain (zclw5i . top) (exploit.rules) 2821278 - ProApps EXPLOIT DNS Query to Cerber Domain (5b1s82 . top) (exploit.rules) 2821279 - ProApps EXPLOIT DNS Query to Cerber Domain (hasterlyston . cloud) (exploit.rules) 2821281 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfru5 . top) (exploit.rules) 2821282 - ProApps EXPLOIT DNS Query to Cerber Domain (laverhants . link) (exploit.rules) 2821283 - ProApps EXPLOIT DNS Query to Cerber Domain (kcufx4 . top) (exploit.rules) 2821284 - ProApps EXPLOIT DNS Query to Cerber Domain (0225r5 . top) (exploit.rules) 2821285 - ProApps EXPLOIT DNS Query to Cerber Domain (lk0bzc . top) (exploit.rules) 2821286 - ProApps EXPLOIT DNS Query to Cerber Domain (hlu8yz . top) (exploit.rules) 2821288 - ProApps EXPLOIT DNS Query to Cerber Domain (azwsxe . top) (exploit.rules) 2821291 - ProApps EXPLOIT DNS Query to Cerber Domain (thyx30 . top) (exploit.rules) 2821293 - ProApps EXPLOIT DNS Query to Cerber Domain (grewmarks . vip) (exploit.rules) 2821294 - ProApps EXPLOIT DNS Query to Cerber Domain (4oti58 . top) (exploit.rules) 2821295 - ProApps EXPLOIT DNS Query to Cerber Domain (3lhjyx . top) (exploit.rules) 2821296 - ProApps EXPLOIT DNS Query to Cerber Domain (mtxtul . top) (exploit.rules) 2821298 - ProApps EXPLOIT DNS Query to Cerber Domain (092vu8 . top) (exploit.rules) 2821299 - ProApps EXPLOIT DNS Query to Cerber Domain (b7mciu . top) (exploit.rules) 2821301 - ProApps EXPLOIT DNS Query to Cerber Domain (self56 . top) (exploit.rules) 2821302 - ProApps EXPLOIT DNS Query to Cerber Domain (sentowing . trade) (exploit.rules) 2821303 - ProApps EXPLOIT DNS Query to Cerber Domain (yv7l4b . top) (exploit.rules) 2821304 - ProApps EXPLOIT DNS Query to Cerber Domain (freshsdog . loan) (exploit.rules) 2821306 - ProApps EXPLOIT DNS Query to Cerber Domain (pap44w . top) (exploit.rules) 2821307 - ProApps EXPLOIT DNS Query to Cerber Domain (frn62e . top) (exploit.rules) 2821428 - ProApps EXPLOIT DNS Query to Cerber Domain (0vgu64 . top) (exploit.rules) 2821429 - ProApps EXPLOIT DNS Query to Cerber Domain (143h2a . top) (exploit.rules) 2821430 - ProApps EXPLOIT DNS Query to Cerber Domain (1bipa9 . top) (exploit.rules) 2821431 - ProApps EXPLOIT DNS Query to Cerber Domain (1de02r . top) (exploit.rules) 2821434 - ProApps EXPLOIT DNS Query to Cerber Domain (308an1 . top) (exploit.rules) 2821437 - ProApps EXPLOIT DNS Query to Cerber Domain (3odvfb . top) (exploit.rules) 2821438 - ProApps EXPLOIT DNS Query to Cerber Domain (43wjor . top) (exploit.rules) 2821439 - ProApps EXPLOIT DNS Query to Cerber Domain (4ynpjd . top) (exploit.rules) 2821441 - ProApps EXPLOIT DNS Query to Cerber Domain (67j6ht . top) (exploit.rules) 2821445 - ProApps EXPLOIT DNS Query to Cerber Domain (ageshere . club) (exploit.rules) 2821446 - ProApps EXPLOIT DNS Query to Cerber Domain (anypicked . red) (exploit.rules) 2821451 - ProApps EXPLOIT DNS Query to Cerber Domain (apwzbe . top) (exploit.rules) 2821453 - ProApps EXPLOIT DNS Query to Cerber Domain (aredark . mobi) (exploit.rules) 2821454 - ProApps EXPLOIT DNS Query to Cerber Domain (barberryshin . casa) (exploit.rules) 2821455 - ProApps EXPLOIT DNS Query to Cerber Domain (biologyup . date) (exploit.rules) 2821456 - ProApps EXPLOIT DNS Query to Cerber Domain (bnctf6 . top) (exploit.rules) 2821457 - ProApps EXPLOIT DNS Query to Cerber Domain (bookjumps . us) (exploit.rules) 2821458 - ProApps EXPLOIT DNS Query to Cerber Domain (boxsame . kim) (exploit.rules) 2821460 - ProApps EXPLOIT DNS Query to Cerber Domain (clockhate . loan) (exploit.rules) 2821461 - ProApps EXPLOIT DNS Query to Cerber Domain (costlady . pw) (exploit.rules) 2821462 - ProApps EXPLOIT DNS Query to Cerber Domain (crispkey . mobi) (exploit.rules) 2821465 - ProApps EXPLOIT DNS Query to Cerber Domain (dd4xo3 . top) (exploit.rules) 2821466 - ProApps EXPLOIT DNS Query to Cerber Domain (dkrie7 . top) (exploit.rules) 2821467 - ProApps EXPLOIT DNS Query to Cerber Domain (dkro3u . top) (exploit.rules) 2821468 - ProApps EXPLOIT DNS Query to Cerber Domain (doggain . mobi) (exploit.rules) 2821469 - ProApps EXPLOIT DNS Query to Cerber Domain (dozensby . loan) (exploit.rules) 2821470 - ProApps EXPLOIT DNS Query to Cerber Domain (eatsdeal . black) (exploit.rules) 2821480 - ProApps EXPLOIT DNS Query to Cerber Domain (fewbreaks . club) (exploit.rules) 2821481 - ProApps EXPLOIT DNS Query to Cerber Domain (fishtotal . bid) (exploit.rules) 2821482 - ProApps EXPLOIT DNS Query to Cerber Domain (flewleast . link) (exploit.rules) 2821483 - ProApps EXPLOIT DNS Query to Cerber Domain (flyingsix . red) (exploit.rules) 2821484 - ProApps EXPLOIT DNS Query to Cerber Domain (folkturns . date) (exploit.rules) 2821485 - ProApps EXPLOIT DNS Query to Cerber Domain (g9tneb . top) (exploit.rules) 2821486 - ProApps EXPLOIT DNS Query to Cerber Domain (gameswarm . loan) (exploit.rules) 2821488 - ProApps EXPLOIT DNS Query to Cerber Domain (gnee6i . top) (exploit.rules) 2821489 - ProApps EXPLOIT DNS Query to Cerber Domain (gonesolve . lol) (exploit.rules) 2821490 - ProApps EXPLOIT DNS Query to Cerber Domain (gpy3tc . top) (exploit.rules) 2821491 - ProApps EXPLOIT DNS Query to Cerber Domain (groupline . info) (exploit.rules) 2821492 - ProApps EXPLOIT DNS Query to Cerber Domain (gtnfgj . top) (exploit.rules) 2821493 - ProApps EXPLOIT DNS Query to Cerber Domain (hf60kb . top) (exploit.rules) 2821494 - ProApps EXPLOIT DNS Query to Cerber Domain (hw7o9w . top) (exploit.rules) 2821495 - ProApps EXPLOIT DNS Query to Cerber Domain (iixz3g . top) (exploit.rules) 2821496 - ProApps EXPLOIT DNS Query to Cerber Domain (innerband . lol) (exploit.rules) 2821497 - ProApps EXPLOIT DNS Query to Cerber Domain (jn8ncm . top) (exploit.rules) 2821498 - ProApps EXPLOIT DNS Query to Cerber Domain (jumplived . in) (exploit.rules) 2821500 - ProApps EXPLOIT DNS Query to Cerber Domain (knowhands . us) (exploit.rules) 2821501 - ProApps EXPLOIT DNS Query to Cerber Domain (kswcuk . top) (exploit.rules) 2821503 - ProApps EXPLOIT DNS Query to Cerber Domain (liescale . in) (exploit.rules) 2821504 - ProApps EXPLOIT DNS Query to Cerber Domain (lorrydo . lol) (exploit.rules) 2821506 - ProApps EXPLOIT DNS Query to Cerber Domain (metmet . win) (exploit.rules) 2821507 - ProApps EXPLOIT DNS Query to Cerber Domain (mileslook . pro) (exploit.rules) 2821508 - ProApps EXPLOIT DNS Query to Cerber Domain (msu96b . top) (exploit.rules) 2821510 - ProApps EXPLOIT DNS Query to Cerber Domain (nearlybut . us) (exploit.rules) 2821511 - ProApps EXPLOIT DNS Query to Cerber Domain (needmight . win) (exploit.rules) 2821512 - ProApps EXPLOIT DNS Query to Cerber Domain (nextask . loan) (exploit.rules) 2821513 - ProApps EXPLOIT DNS Query to Cerber Domain (nfgpeb . top) (exploit.rules) 2821514 - ProApps EXPLOIT DNS Query to Cerber Domain (ninedraws . black) (exploit.rules) 2821515 - ProApps EXPLOIT DNS Query to Cerber Domain (nowants . pw) (exploit.rules) 2821516 - ProApps EXPLOIT DNS Query to Cerber Domain (og5ezh . top) (exploit.rules) 2821517 - ProApps EXPLOIT DNS Query to Cerber Domain (plambers . bid) (exploit.rules) 2821518 - ProApps EXPLOIT DNS Query to Cerber Domain (plotbet . gdn) (exploit.rules) 2821519 - ProApps EXPLOIT DNS Query to Cerber Domain (powersno . link) (exploit.rules) 2821532 - ProApps EXPLOIT DNS Query to Cerber Domain (redefined . click) (exploit.rules) 2821533 - ProApps EXPLOIT DNS Query to Cerber Domain (relyleafs . click) (exploit.rules) 2821534 - ProApps EXPLOIT DNS Query to Cerber Domain (ridsimply . top) (exploit.rules) 2821535 - ProApps EXPLOIT DNS Query to Cerber Domain (rl0bdw . top) (exploit.rules) 2821537 - ProApps EXPLOIT DNS Query to Cerber Domain (sayssales . bid) (exploit.rules) 2821538 - ProApps EXPLOIT DNS Query to Cerber Domain (seenmust . pro) (exploit.rules) 2821539 - ProApps EXPLOIT DNS Query to Cerber Domain (sk8r54 . top) (exploit.rules) 2821540 - ProApps EXPLOIT DNS Query to Cerber Domain (ssd5gt . top) (exploit.rules) 2821541 - ProApps EXPLOIT DNS Query to Cerber Domain (stopsage . gdn) (exploit.rules) 2821542 - ProApps EXPLOIT DNS Query to Cerber Domain (thanreal . link) (exploit.rules) 2821543 - ProApps EXPLOIT DNS Query to Cerber Domain (themevery . win) (exploit.rules) 2821544 - ProApps EXPLOIT DNS Query to Cerber Domain (topicside . club) (exploit.rules) 2821545 - ProApps EXPLOIT DNS Query to Cerber Domain (v11z5e . top) (exploit.rules) 2821546 - ProApps EXPLOIT DNS Query to Cerber Domain (variedtax . kim) (exploit.rules) 2821547 - ProApps EXPLOIT DNS Query to Cerber Domain (vkm4l6 . top) (exploit.rules) 2821550 - ProApps EXPLOIT DNS Query to Cerber Domain (wonrough . in) (exploit.rules) 2821551 - ProApps EXPLOIT DNS Query to Cerber Domain (worsemine . pro) (exploit.rules) 2821552 - ProApps EXPLOIT DNS Query to Cerber Domain (wz139z . top) (exploit.rules) 2821554 - ProApps EXPLOIT DNS Query to Cerber Domain (y721yz . top) (exploit.rules) 2821556 - ProApps EXPLOIT DNS Query to Cerber Domain (z7ud98 . top) (exploit.rules) [***] ProApps Security IDS Rules Changelog started Fri Oct 14 16:42:29 2016 [***] [+++] Added rules: 247 [+++] 2023337 - ProApps TROJAN Win32/Infostealer.Snifula File Upload (trojan.rules) 2023338 - ProApps TROJAN TheTrick Banking Trojan User-Agent (trojan.rules) 2023339 - ProApps TROJAN Unknown Potentially Malicious Traffic 1 (trojan.rules) 2023340 - ProApps TROJAN Unknown Potentially Malicious Traffic 2 (trojan.rules) 2023341 - ProApps TROJAN Unknown Potentially Malicious Traffic 3 (trojan.rules) 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules) 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules) 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules) 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules) 2820268 - ProApps EXPLOIT DNS Query to Cerber Domain (kipfgs65s . com) (exploit.rules) 2820269 - ProApps EXPLOIT DNS Query to Cerber Domain (fastpaybtc . com) (exploit.rules) 2820284 - ProApps EXPLOIT DNS Query to Cerber Domain (easypaybtc . com) (exploit.rules) 2820408 - ProApps EXPLOIT DNS Query to Cerber Domain (tewoaq . win) (exploit.rules) 2820409 - ProApps EXPLOIT DNS Query to Cerber Domain (red4is . win) (exploit.rules) 2820411 - ProApps EXPLOIT DNS Query to Cerber Domain (to6maq . win) (exploit.rules) 2820412 - ProApps EXPLOIT DNS Query to Cerber Domain (maqwe5 . win) (exploit.rules) 2820413 - ProApps EXPLOIT DNS Query to Cerber Domain (wewiso . win) (exploit.rules) 2820414 - ProApps EXPLOIT DNS Query to Cerber Domain (nerti5 . win) (exploit.rules) 2820415 - ProApps EXPLOIT DNS Query to Cerber Domain (raress . win) (exploit.rules) 2820416 - ProApps EXPLOIT DNS Query to Cerber Domain (workju . win) (exploit.rules) 2820417 - ProApps EXPLOIT DNS Query to Cerber Domain (wet4io . win) (exploit.rules) 2820418 - ProApps EXPLOIT DNS Query to Cerber Domain (mix3hi . win) (exploit.rules) 2820419 - ProApps EXPLOIT DNS Query to Cerber Domain (oneswi . win) (exploit.rules) 2820420 - ProApps EXPLOIT DNS Query to Cerber Domain (lib2vi . win) (exploit.rules) 2820421 - ProApps EXPLOIT DNS Query to Cerber Domain (tigifc . win) (exploit.rules) 2820422 - ProApps EXPLOIT DNS Query to Cerber Domain (ti4wic . win) (exploit.rules) 2820423 - ProApps EXPLOIT DNS Query to Cerber Domain (amdeu5 . win) (exploit.rules) 2820424 - ProApps EXPLOIT DNS Query to Cerber Domain (moneu5 . win) (exploit.rules) 2820425 - ProApps EXPLOIT DNS Query to Cerber Domain (m5gid4 . win) (exploit.rules) 2820426 - ProApps EXPLOIT DNS Query to Cerber Domain (m5fgoi . win) (exploit.rules) 2820427 - ProApps EXPLOIT DNS Query to Cerber Domain (wins4n . win) (exploit.rules) 2820428 - ProApps EXPLOIT DNS Query to Cerber Domain (m5gips . win) (exploit.rules) 2820496 - ProApps EXPLOIT DNS Query to Cerber Domain (azwsxe . win) (exploit.rules) 2820497 - ProApps EXPLOIT DNS Query to Cerber Domain (xzcfr4 . win) (exploit.rules) 2820498 - ProApps EXPLOIT DNS Query to Cerber Domain (asd3r3 . win) (exploit.rules) 2820499 - ProApps EXPLOIT DNS Query to Cerber Domain (fgfid6 . win) (exploit.rules) 2820500 - ProApps EXPLOIT DNS Query to Cerber Domain (werti4 . win) (exploit.rules) 2820501 - ProApps EXPLOIT DNS Query to Cerber Domain (azlto5 . win) (exploit.rules) 2820502 - ProApps EXPLOIT DNS Query to Cerber Domain (sdfiso . win) (exploit.rules) 2820503 - ProApps EXPLOIT DNS Query to Cerber Domain (ad34ft . win) (exploit.rules) 2820504 - ProApps EXPLOIT DNS Query to Cerber Domain (asxce4 . win) (exploit.rules) 2820505 - ProApps EXPLOIT DNS Query to Cerber Domain (sims6n . win) (exploit.rules) 2820507 - ProApps EXPLOIT DNS Query to Cerber Domain (45kgok . win) (exploit.rules) 2820716 - ProApps EXPLOIT DNS Query to Cerber Domain (lfotp5 . win) (exploit.rules) 2820717 - ProApps EXPLOIT DNS Query to Cerber Domain (6oifgr . win) (exploit.rules) 2820718 - ProApps EXPLOIT DNS Query to Cerber Domain (zx34jk . win) (exploit.rules) 2820720 - ProApps EXPLOIT DNS Query to Cerber Domain (xo59ok . win) (exploit.rules) 2820721 - ProApps EXPLOIT DNS Query to Cerber Domain (rt4e34 . win) (exploit.rules) 2820722 - ProApps EXPLOIT DNS Query to Cerber Domain (as13fd . win) (exploit.rules) 2820723 - ProApps EXPLOIT DNS Query to Cerber Domain (xlfp45 . win) (exploit.rules) 2820724 - ProApps EXPLOIT DNS Query to Cerber Domain (xltnet . win) (exploit.rules) 2820725 - ProApps EXPLOIT DNS Query to Cerber Domain (ret5kr . win) (exploit.rules) 2820726 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfhr6 . win) (exploit.rules) 2820729 - ProApps EXPLOIT DNS Query to Cerber Domain (slr849 . win) (exploit.rules) 2820730 - ProApps EXPLOIT DNS Query to Cerber Domain (zgf48j . win) (exploit.rules) 2820818 - ProApps EXPLOIT DNS Query to Cerber Domain (dkrti5 . win) (exploit.rules) 2820819 - ProApps EXPLOIT DNS Query to Cerber Domain (vmfu48 . win) (exploit.rules) 2820820 - ProApps EXPLOIT DNS Query to Cerber Domain (gkfit9 . win) (exploit.rules) 2820821 - ProApps EXPLOIT DNS Query to Cerber Domain (cneo59 . win) (exploit.rules) 2820823 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfir0 . win) (exploit.rules) 2820865 - ProApps EXPLOIT DNS Query to Cerber Domain (305iot . win) (exploit.rules) 2820866 - ProApps EXPLOIT DNS Query to Cerber Domain (djre89 . win) (exploit.rules) 2820867 - ProApps EXPLOIT DNS Query to Cerber Domain (fkri48 . win) (exploit.rules) 2820869 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfjr7 . top) (exploit.rules) 2821007 - ProApps EXPLOIT DNS Query to Cerber Domain (xtrvb4 . win) (exploit.rules) 2821008 - ProApps EXPLOIT DNS Query to Cerber Domain (ie7t8k . top) (exploit.rules) 2821010 - ProApps EXPLOIT DNS Query to Cerber Domain (alri58 . win) (exploit.rules) 2821013 - ProApps EXPLOIT DNS Query to Cerber Domain (fkgrie . top) (exploit.rules) 2821047 - ProApps EXPLOIT DNS Query to Cerber Domain (5kti58 . top) (exploit.rules) 2821048 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfkr8 . top) (exploit.rules) 2821049 - ProApps EXPLOIT DNS Query to Cerber Domain (to6maq . top) (exploit.rules) 2821050 - ProApps EXPLOIT DNS Query to Cerber Domain (vmfur5 . top) (exploit.rules) 2821051 - ProApps EXPLOIT DNS Query to Cerber Domain (lfotp5 . top) (exploit.rules) 2821052 - ProApps EXPLOIT DNS Query to Cerber Domain (we34re . top) (exploit.rules) 2821108 - ProApps EXPLOIT DNS Query to Cerber Domain (adevf4 . win) (exploit.rules) 2821112 - ProApps EXPLOIT DNS Query to Cerber Domain (fgfid6 . top) (exploit.rules) 2821113 - ProApps EXPLOIT DNS Query to Cerber Domain (fkr84i . win) (exploit.rules) 2821114 - ProApps EXPLOIT DNS Query to Cerber Domain (45gf4t . win) (exploit.rules) 2821151 - ProApps EXPLOIT DNS Query to Cerber Domain (cmti5o . win) (exploit.rules) 2821214 - ProApps EXPLOIT DNS Query to Cerber Domain (asd3r3 . top) (exploit.rules) 2821217 - ProApps EXPLOIT DNS Query to Cerber Domain (bestfordownload . click) (exploit.rules) 2821218 - ProApps EXPLOIT DNS Query to Cerber Domain (6ogy3i . top) (exploit.rules) 2821220 - ProApps EXPLOIT DNS Query to Cerber Domain (7jiff7 . top) (exploit.rules) 2821221 - ProApps EXPLOIT DNS Query to Cerber Domain (o08a6d . top) (exploit.rules) 2821222 - ProApps EXPLOIT DNS Query to Cerber Domain (k7oud1 . top) (exploit.rules) 2821223 - ProApps EXPLOIT DNS Query to Cerber Domain (gletterstan . trade) (exploit.rules) 2821224 - ProApps EXPLOIT DNS Query to Cerber Domain (j92msu . top) (exploit.rules) 2821239 - ProApps EXPLOIT DNS Query to Cerber Domain (g0ots2 . top) (exploit.rules) 2821241 - ProApps EXPLOIT DNS Query to Cerber Domain (wer56t . top) (exploit.rules) 2821242 - ProApps EXPLOIT DNS Query to Cerber Domain (kml2o2 . top) (exploit.rules) 2821243 - ProApps EXPLOIT DNS Query to Cerber Domain (ka0te8 . top) (exploit.rules) 2821246 - ProApps EXPLOIT DNS Query to Cerber Domain (moonsides . faith) (exploit.rules) 2821249 - ProApps EXPLOIT DNS Query to Cerber Domain (9nj8ex . top) (exploit.rules) 2821254 - ProApps EXPLOIT DNS Query to Cerber Domain (bigfooters . loan) (exploit.rules) 2821255 - ProApps EXPLOIT DNS Query to Cerber Domain (c7ex9n . top) (exploit.rules) 2821256 - ProApps EXPLOIT DNS Query to Cerber Domain (viceled . pw) (exploit.rules) 2821257 - ProApps EXPLOIT DNS Query to Cerber Domain (ujtwhg . top) (exploit.rules) 2821258 - ProApps EXPLOIT DNS Query to Cerber Domain (9ildst . top) (exploit.rules) 2821260 - ProApps EXPLOIT DNS Query to Cerber Domain (marksgain . kim) (exploit.rules) 2821261 - ProApps EXPLOIT DNS Query to Cerber Domain (ep493u . top) (exploit.rules) 2821262 - ProApps EXPLOIT DNS Query to Cerber Domain (nameuser . site) (exploit.rules) 2821263 - ProApps EXPLOIT DNS Query to Cerber Domain (fgkr56 . top) (exploit.rules) 2821266 - ProApps EXPLOIT DNS Query to Cerber Domain (p2lsgr . top) (exploit.rules) 2821267 - ProApps EXPLOIT DNS Query to Cerber Domain (o2dval . top) (exploit.rules) 2821268 - ProApps EXPLOIT DNS Query to Cerber Domain (chargecar . vip) (exploit.rules) 2821269 - ProApps EXPLOIT DNS Query to Cerber Domain (cmri58 . top) (exploit.rules) 2821270 - ProApps EXPLOIT DNS Query to Cerber Domain (p8rruv . top) (exploit.rules) 2821272 - ProApps EXPLOIT DNS Query to Cerber Domain (xkfi59 . top) (exploit.rules) 2821273 - ProApps EXPLOIT DNS Query to Cerber Domain (x1kofw . top) (exploit.rules) 2821275 - ProApps EXPLOIT DNS Query to Cerber Domain (58na23 . top) (exploit.rules) 2821276 - ProApps EXPLOIT DNS Query to Cerber Domain (zclw5i . top) (exploit.rules) 2821278 - ProApps EXPLOIT DNS Query to Cerber Domain (5b1s82 . top) (exploit.rules) 2821279 - ProApps EXPLOIT DNS Query to Cerber Domain (hasterlyston . cloud) (exploit.rules) 2821281 - ProApps EXPLOIT DNS Query to Cerber Domain (xmfru5 . top) (exploit.rules) 2821282 - ProApps EXPLOIT DNS Query to Cerber Domain (laverhants . link) (exploit.rules) 2821283 - ProApps EXPLOIT DNS Query to Cerber Domain (kcufx4 . top) (exploit.rules) 2821284 - ProApps EXPLOIT DNS Query to Cerber Domain (0225r5 . top) (exploit.rules) 2821285 - ProApps EXPLOIT DNS Query to Cerber Domain (lk0bzc . top) (exploit.rules) 2821286 - ProApps EXPLOIT DNS Query to Cerber Domain (hlu8yz . top) (exploit.rules) 2821288 - ProApps EXPLOIT DNS Query to Cerber Domain (azwsxe . top) (exploit.rules) 2821291 - ProApps EXPLOIT DNS Query to Cerber Domain (thyx30 . top) (exploit.rules) 2821293 - ProApps EXPLOIT DNS Query to Cerber Domain (grewmarks . vip) (exploit.rules) 2821294 - ProApps EXPLOIT DNS Query to Cerber Domain (4oti58 . top) (exploit.rules) 2821295 - ProApps EXPLOIT DNS Query to Cerber Domain (3lhjyx . top) (exploit.rules) 2821296 - ProApps EXPLOIT DNS Query to Cerber Domain (mtxtul . top) (exploit.rules) 2821298 - ProApps EXPLOIT DNS Query to Cerber Domain (092vu8 . top) (exploit.rules) 2821299 - ProApps EXPLOIT DNS Query to Cerber Domain (b7mciu . top) (exploit.rules) 2821301 - ProApps EXPLOIT DNS Query to Cerber Domain (self56 . top) (exploit.rules) 2821302 - ProApps EXPLOIT DNS Query to Cerber Domain (sentowing . trade) (exploit.rules) 2821303 - ProApps EXPLOIT DNS Query to Cerber Domain (yv7l4b . top) (exploit.rules) 2821304 - ProApps EXPLOIT DNS Query to Cerber Domain (freshsdog . loan) (exploit.rules) 2821306 - ProApps EXPLOIT DNS Query to Cerber Domain (pap44w . top) (exploit.rules) 2821307 - ProApps EXPLOIT DNS Query to Cerber Domain (frn62e . top) (exploit.rules) 2821428 - ProApps EXPLOIT DNS Query to Cerber Domain (0vgu64 . top) (exploit.rules) 2821429 - ProApps EXPLOIT DNS Query to Cerber Domain (143h2a . top) (exploit.rules) 2821430 - ProApps EXPLOIT DNS Query to Cerber Domain (1bipa9 . top) (exploit.rules) 2821431 - ProApps EXPLOIT DNS Query to Cerber Domain (1de02r . top) (exploit.rules) 2821434 - ProApps EXPLOIT DNS Query to Cerber Domain (308an1 . top) (exploit.rules) 2821437 - ProApps EXPLOIT DNS Query to Cerber Domain (3odvfb . top) (exploit.rules) 2821438 - ProApps EXPLOIT DNS Query to Cerber Domain (43wjor . top) (exploit.rules) 2821439 - ProApps EXPLOIT DNS Query to Cerber Domain (4ynpjd . top) (exploit.rules) 2821441 - ProApps EXPLOIT DNS Query to Cerber Domain (67j6ht . top) (exploit.rules) 2821445 - ProApps EXPLOIT DNS Query to Cerber Domain (ageshere . club) (exploit.rules) 2821446 - ProApps EXPLOIT DNS Query to Cerber Domain (anypicked . red) (exploit.rules) 2821451 - ProApps EXPLOIT DNS Query to Cerber Domain (apwzbe . top) (exploit.rules) 2821453 - ProApps EXPLOIT DNS Query to Cerber Domain (aredark . mobi) (exploit.rules) 2821454 - ProApps EXPLOIT DNS Query to Cerber Domain (barberryshin . casa) (exploit.rules) 2821455 - ProApps EXPLOIT DNS Query to Cerber Domain (biologyup . date) (exploit.rules) 2821456 - ProApps EXPLOIT DNS Query to Cerber Domain (bnctf6 . top) (exploit.rules) 2821457 - ProApps EXPLOIT DNS Query to Cerber Domain (bookjumps . us) (exploit.rules) 2821458 - ProApps EXPLOIT DNS Query to Cerber Domain (boxsame . kim) (exploit.rules) 2821460 - ProApps EXPLOIT DNS Query to Cerber Domain (clockhate . loan) (exploit.rules) 2821461 - ProApps EXPLOIT DNS Query to Cerber Domain (costlady . pw) (exploit.rules) 2821462 - ProApps EXPLOIT DNS Query to Cerber Domain (crispkey . mobi) (exploit.rules) 2821465 - ProApps EXPLOIT DNS Query to Cerber Domain (dd4xo3 . top) (exploit.rules) 2821466 - ProApps EXPLOIT DNS Query to Cerber Domain (dkrie7 . top) (exploit.rules) 2821467 - ProApps EXPLOIT DNS Query to Cerber Domain (dkro3u . top) (exploit.rules) 2821468 - ProApps EXPLOIT DNS Query to Cerber Domain (doggain . mobi) (exploit.rules) 2821469 - ProApps EXPLOIT DNS Query to Cerber Domain (dozensby . loan) (exploit.rules) 2821470 - ProApps EXPLOIT DNS Query to Cerber Domain (eatsdeal . black) (exploit.rules) 2821480 - ProApps EXPLOIT DNS Query to Cerber Domain (fewbreaks . club) (exploit.rules) 2821481 - ProApps EXPLOIT DNS Query to Cerber Domain (fishtotal . bid) (exploit.rules) 2821482 - ProApps EXPLOIT DNS Query to Cerber Domain (flewleast . link) (exploit.rules) 2821483 - ProApps EXPLOIT DNS Query to Cerber Domain (flyingsix . red) (exploit.rules) 2821484 - ProApps EXPLOIT DNS Query to Cerber Domain (folkturns . date) (exploit.rules) 2821485 - ProApps EXPLOIT DNS Query to Cerber Domain (g9tneb . top) (exploit.rules) 2821486 - ProApps EXPLOIT DNS Query to Cerber Domain (gameswarm . loan) (exploit.rules) 2821488 - ProApps EXPLOIT DNS Query to Cerber Domain (gnee6i . top) (exploit.rules) 2821489 - ProApps EXPLOIT DNS Query to Cerber Domain (gonesolve . lol) (exploit.rules) 2821490 - ProApps EXPLOIT DNS Query to Cerber Domain (gpy3tc . top) (exploit.rules) 2821491 - ProApps EXPLOIT DNS Query to Cerber Domain (groupline . info) (exploit.rules) 2821492 - ProApps EXPLOIT DNS Query to Cerber Domain (gtnfgj . top) (exploit.rules) 2821493 - ProApps EXPLOIT DNS Query to Cerber Domain (hf60kb . top) (exploit.rules) 2821494 - ProApps EXPLOIT DNS Query to Cerber Domain (hw7o9w . top) (exploit.rules) 2821495 - ProApps EXPLOIT DNS Query to Cerber Domain (iixz3g . top) (exploit.rules) 2821496 - ProApps EXPLOIT DNS Query to Cerber Domain (innerband . lol) (exploit.rules) 2821497 - ProApps EXPLOIT DNS Query to Cerber Domain (jn8ncm . top) (exploit.rules) 2821498 - ProApps EXPLOIT DNS Query to Cerber Domain (jumplived . in) (exploit.rules) 2821500 - ProApps EXPLOIT DNS Query to Cerber Domain (knowhands . us) (exploit.rules) 2821501 - ProApps EXPLOIT DNS Query to Cerber Domain (kswcuk . top) (exploit.rules) 2821503 - ProApps EXPLOIT DNS Query to Cerber Domain (liescale . in) (exploit.rules) 2821504 - ProApps EXPLOIT DNS Query to Cerber Domain (lorrydo . lol) (exploit.rules) 2821506 - ProApps EXPLOIT DNS Query to Cerber Domain (metmet . win) (exploit.rules) 2821507 - ProApps EXPLOIT DNS Query to Cerber Domain (mileslook . pro) (exploit.rules) 2821508 - ProApps EXPLOIT DNS Query to Cerber Domain (msu96b . top) (exploit.rules) 2821510 - ProApps EXPLOIT DNS Query to Cerber Domain (nearlybut . us) (exploit.rules) 2821511 - ProApps EXPLOIT DNS Query to Cerber Domain (needmight . win) (exploit.rules) 2821512 - ProApps EXPLOIT DNS Query to Cerber Domain (nextask . loan) (exploit.rules) 2821513 - ProApps EXPLOIT DNS Query to Cerber Domain (nfgpeb . top) (exploit.rules) 2821514 - ProApps EXPLOIT DNS Query to Cerber Domain (ninedraws . black) (exploit.rules) 2821515 - ProApps EXPLOIT DNS Query to Cerber Domain (nowants . pw) (exploit.rules) 2821516 - ProApps EXPLOIT DNS Query to Cerber Domain (og5ezh . top) (exploit.rules) 2821517 - ProApps EXPLOIT DNS Query to Cerber Domain (plambers . bid) (exploit.rules) 2821518 - ProApps EXPLOIT DNS Query to Cerber Domain (plotbet . gdn) (exploit.rules) 2821519 - ProApps EXPLOIT DNS Query to Cerber Domain (powersno . link) (exploit.rules) 2821532 - ProApps EXPLOIT DNS Query to Cerber Domain (redefined . click) (exploit.rules) 2821533 - ProApps EXPLOIT DNS Query to Cerber Domain (relyleafs . click) (exploit.rules) 2821534 - ProApps EXPLOIT DNS Query to Cerber Domain (ridsimply . top) (exploit.rules) 2821535 - ProApps EXPLOIT DNS Query to Cerber Domain (rl0bdw . top) (exploit.rules) 2821537 - ProApps EXPLOIT DNS Query to Cerber Domain (sayssales . bid) (exploit.rules) 2821538 - ProApps EXPLOIT DNS Query to Cerber Domain (seenmust . pro) (exploit.rules) 2821539 - ProApps EXPLOIT DNS Query to Cerber Domain (sk8r54 . top) (exploit.rules) 2821540 - ProApps EXPLOIT DNS Query to Cerber Domain (ssd5gt . top) (exploit.rules) 2821541 - ProApps EXPLOIT DNS Query to Cerber Domain (stopsage . gdn) (exploit.rules) 2821542 - ProApps EXPLOIT DNS Query to Cerber Domain (thanreal . link) (exploit.rules) 2821543 - ProApps EXPLOIT DNS Query to Cerber Domain (themevery . win) (exploit.rules) 2821544 - ProApps EXPLOIT DNS Query to Cerber Domain (topicside . club) (exploit.rules) 2821545 - ProApps EXPLOIT DNS Query to Cerber Domain (v11z5e . top) (exploit.rules) 2821546 - ProApps EXPLOIT DNS Query to Cerber Domain (variedtax . kim) (exploit.rules) 2821547 - ProApps EXPLOIT DNS Query to Cerber Domain (vkm4l6 . top) (exploit.rules) 2821550 - ProApps EXPLOIT DNS Query to Cerber Domain (wonrough . in) (exploit.rules) 2821551 - ProApps EXPLOIT DNS Query to Cerber Domain (worsemine . pro) (exploit.rules) 2821552 - ProApps EXPLOIT DNS Query to Cerber Domain (wz139z . top) (exploit.rules) 2821554 - ProApps EXPLOIT DNS Query to Cerber Domain (y721yz . top) (exploit.rules) 2821556 - ProApps EXPLOIT DNS Query to Cerber Domain (z7ud98 . top) (exploit.rules) 2822628 - ProApps TROJAN PoisonIvy Keepalive to CnC 565 (trojan.rules) 2822629 - ProApps TROJAN PoisonIvy Keepalive to CnC 566 (trojan.rules) 2822630 - ProApps TROJAN PoisonIvy Keepalive to CnC 567 (trojan.rules) 2822631 - ProApps TROJAN PoisonIvy Keepalive to CnC 568 (trojan.rules) 2822632 - ProApps TROJAN Unknown PWS Sending Exfil via FTP (trojan.rules) 2822633 - ProApps TROJAN Win32/Zacom.I CnC Checkin (trojan.rules) 2822634 - ProApps MALWARE Win32/DownloadSoup.PUP Dropping PUP (malware.rules) 2822635 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Oct 14 2016 (current_events.rules) 2822636 - ProApps CURRENT_EVENTS Successful Bank of America Phish M2 Oct 14 2016 (current_events.rules) 2822637 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 14 2016 (current_events.rules) 2822638 - ProApps CURRENT_EVENTS Successful Yahoo Mail Phish Oct 14 2016 (current_events.rules) 2822639 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 14 2016 (current_events.rules) 2822640 - ProApps CURRENT_EVENTS Successful PNC Bank Phish M1 Oct 14 2016 (current_events.rules) 2822641 - ProApps CURRENT_EVENTS Successful PNC Bank Phish M2 Oct 14 2016 (current_events.rules) 2822642 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 14 2016 (current_events.rules) 2822643 - ProApps CURRENT_EVENTS Successful Outlook Phish Oct 14 2016 (current_events.rules) 2822644 - ProApps CURRENT_EVENTS Successful Bank of America Phish (set) M1 Oct 14 2016 (current_events.rules) 2822645 - ProApps CURRENT_EVENTS Successful Bank of America Phish (set) M2 Oct 14 2016 (current_events.rules) 2822646 - ProApps CURRENT_EVENTS Successful Bank of America Phish (set) M3 Oct 14 2016 (current_events.rules) 2822647 - ProApps CURRENT_EVENTS Successful Bank of America Phish Oct 14 2016 (current_events.rules) 2822648 - ProApps TROJAN DNS Query to Cerber Domain (bipnnp . bid) (trojan.rules) 2822649 - ProApps TROJAN DNS Query to Cerber Domain (y12acl . bid) (trojan.rules) 2822650 - ProApps TROJAN DNS Query to Cerber Domain (whomate . red) (trojan.rules) 2822651 - ProApps TROJAN DNS Query to Cerber Domain (samesizes . asia) (trojan.rules) 2822652 - ProApps TROJAN DNS Query to Cerber Domain (outpolicy . men) (trojan.rules) 2822653 - ProApps TROJAN DNS Query to Cerber Domain (easyits . black) (trojan.rules) 2822654 - ProApps TROJAN DNS Query to Cerber Domain (5ctoeb . bid) (trojan.rules) 2822655 - ProApps TROJAN DNS Query to Cerber Domain (g948g1 . bid) (trojan.rules) 2822656 - ProApps TROJAN DNS Query to Cerber Domain (rexjyp . bid) (trojan.rules) 2822657 - ProApps TROJAN DNS Query to Cerber Domain (fx4wz2 . top) (trojan.rules) 2822658 - ProApps TROJAN AutoLOG v2 Keylogger Client Checkin (trojan.rules) 2822659 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 13 (current_events.rules) [+++] Modify rules: 85 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2819804 - ProApps TROJAN Win32/RaaLoader Retrieving PE (trojan.rules) 2822212 - ProApps CURRENT_EVENTS Astrum EK Flash Exploit URI Struct (current_events.rules) 2822567 - ProApps CURRENT_EVENTS Successful Gmail Phish M1 Oct 11 2016 (current_events.rules) 2822604 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 6) (trojan.rules) 2822605 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 7) (trojan.rules) 2822606 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 8) (trojan.rules) 2822607 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 9) (trojan.rules) 2822608 - ProApps TROJAN DNS Query to Cerber Domain (u2r7tm . bid) (trojan.rules) 2822609 - ProApps TROJAN DNS Query to Cerber Domain (gvoafg . bid) (trojan.rules) 2822610 - ProApps TROJAN DNS Query to Cerber Domain (zbj2kc . bid) (trojan.rules) 2822611 - ProApps TROJAN DNS Query to Cerber Domain (2y4t6f . bid) (trojan.rules) 2822612 - ProApps TROJAN DNS Query to Cerber Domain (w6sj06 . bid) (trojan.rules) 2822613 - ProApps TROJAN DNS Query to Cerber Domain (8zi4pf . bid) (trojan.rules) 2822614 - ProApps TROJAN DNS Query to Cerber Domain (tauunm . bid) (trojan.rules) 2822615 - ProApps TROJAN DNS Query to Cerber Domain (56185u . top) (trojan.rules) 2822616 - ProApps TROJAN DNS Query to Cerber Domain (vmotsf . bid) (trojan.rules) 2822617 - ProApps TROJAN DNS Query to Cerber Domain (drawsif . loan) (trojan.rules) [+++] Removed rules: 207 [+++] 2820268 - ProApps POLICY DNS Query to .onion proxy Domain (kipfgs65s.com) (policy.rules) 2820269 - ProApps POLICY DNS Query to .onion proxy Domain (fastpaybtc.com) (policy.rules) 2820284 - ProApps POLICY DNS Query to .onion proxy Domain (easypaybtc.com) (policy.rules) 2820408 - ProApps POLICY DNS Query to .onion proxy Domain (tewoaq.win) (policy.rules) 2820409 - ProApps POLICY DNS Query to .onion proxy Domain (red4is.win) (policy.rules) 2820411 - ProApps POLICY DNS Query to .onion proxy Domain (to6maq.win) (policy.rules) 2820412 - ProApps POLICY DNS Query to .onion proxy Domain (maqwe5.win) (policy.rules) 2820413 - ProApps POLICY DNS Query to .onion proxy Domain (wewiso.win) (policy.rules) 2820414 - ProApps POLICY DNS Query to .onion proxy Domain (nerti5.win) (policy.rules) 2820415 - ProApps POLICY DNS Query to .onion proxy Domain (raress.win) (policy.rules) 2820416 - ProApps POLICY DNS Query to .onion proxy Domain (workju.win) (policy.rules) 2820417 - ProApps POLICY DNS Query to .onion proxy Domain (wet4io.win) (policy.rules) 2820418 - ProApps POLICY DNS Query to .onion proxy Domain (mix3hi.win) (policy.rules) 2820419 - ProApps POLICY DNS Query to .onion proxy Domain (oneswi.win) (policy.rules) 2820420 - ProApps POLICY DNS Query to .onion proxy Domain (lib2vi.win) (policy.rules) 2820421 - ProApps POLICY DNS Query to .onion proxy Domain (tigifc.win) (policy.rules) 2820422 - ProApps POLICY DNS Query to .onion proxy Domain (ti4wic.win) (policy.rules) 2820423 - ProApps POLICY DNS Query to .onion proxy Domain (amdeu5.win) (policy.rules) 2820424 - ProApps POLICY DNS Query to .onion proxy Domain (moneu5.win) (policy.rules) 2820425 - ProApps POLICY DNS Query to .onion proxy Domain (m5gid4.win) (policy.rules) 2820426 - ProApps POLICY DNS Query to .onion proxy Domain (m5fgoi.win) (policy.rules) 2820427 - ProApps POLICY DNS Query to .onion proxy Domain (wins4n.win) (policy.rules) 2820428 - ProApps POLICY DNS Query to .onion proxy Domain (m5gips.win) (policy.rules) 2820496 - ProApps POLICY DNS Query to .onion proxy Domain (azwsxe.win) (policy.rules) 2820497 - ProApps POLICY DNS Query to .onion proxy Domain (xzcfr4.win) (policy.rules) 2820498 - ProApps POLICY DNS Query to .onion proxy Domain (asd3r3.win) (policy.rules) 2820499 - ProApps POLICY DNS Query to .onion proxy Domain (fgfid6.win) (policy.rules) 2820500 - ProApps POLICY DNS Query to .onion proxy Domain (werti4.win) (policy.rules) 2820501 - ProApps POLICY DNS Query to .onion proxy Domain (azlto5.win) (policy.rules) 2820502 - ProApps POLICY DNS Query to .onion proxy Domain (sdfiso.win) (policy.rules) 2820503 - ProApps POLICY DNS Query to .onion proxy Domain (ad34ft.win) (policy.rules) 2820504 - ProApps POLICY DNS Query to .onion proxy Domain (asxce4.win) (policy.rules) 2820505 - ProApps POLICY DNS Query to .onion proxy Domain (sims6n.win) (policy.rules) 2820507 - ProApps POLICY DNS Query to .onion proxy Domain (45kgok.win) (policy.rules) 2820716 - ProApps POLICY DNS Query to .onion proxy Domain (lfotp5.win) (policy.rules) 2820717 - ProApps POLICY DNS Query to .onion proxy Domain (6oifgr.win) (policy.rules) 2820718 - ProApps POLICY DNS Query to .onion proxy Domain (zx34jk.win) (policy.rules) 2820720 - ProApps POLICY DNS Query to .onion proxy Domain (xo59ok.win) (policy.rules) 2820721 - ProApps POLICY DNS Query to .onion proxy Domain (rt4e34.win) (policy.rules) 2820722 - ProApps POLICY DNS Query to .onion proxy Domain (as13fd.win) (policy.rules) 2820723 - ProApps POLICY DNS Query to .onion proxy Domain (xlfp45.win) (policy.rules) 2820724 - ProApps POLICY DNS Query to .onion proxy Domain (xltnet.win) (policy.rules) 2820725 - ProApps POLICY DNS Query to .onion proxy Domain (ret5kr.win) (policy.rules) 2820726 - ProApps POLICY DNS Query to .onion proxy Domain (xmfhr6.win) (policy.rules) 2820729 - ProApps POLICY DNS Query to .onion proxy Domain (slr849.win) (policy.rules) 2820730 - ProApps POLICY DNS Query to .onion proxy Domain (zgf48j.win) (policy.rules) 2820818 - ProApps POLICY DNS Query to .onion proxy Domain (dkrti5.win) (policy.rules) 2820819 - ProApps POLICY DNS Query to .onion proxy Domain (vmfu48.win) (policy.rules) 2820820 - ProApps POLICY DNS Query to .onion proxy Domain (gkfit9.win) (policy.rules) 2820821 - ProApps POLICY DNS Query to .onion proxy Domain (cneo59.win) (policy.rules) 2820823 - ProApps POLICY DNS Query to .onion proxy Domain (xmfir0.win) (policy.rules) 2820865 - ProApps POLICY DNS Query to .onion proxy Domain (305iot.win) (policy.rules) 2820866 - ProApps POLICY DNS Query to .onion proxy Domain (djre89.win) (policy.rules) 2820867 - ProApps POLICY DNS Query to .onion proxy Domain (fkri48.win) (policy.rules) 2820869 - ProApps POLICY DNS Query to .onion proxy Domain (xmfjr7.top) (policy.rules) 2821007 - ProApps POLICY DNS Query to .onion proxy Domain (xtrvb4.win) (policy.rules) 2821008 - ProApps POLICY DNS Query to .onion proxy Domain (ie7t8k.top) (policy.rules) 2821010 - ProApps POLICY DNS Query to .onion proxy Domain (alri58.win) (policy.rules) 2821013 - ProApps POLICY DNS Query to .onion proxy Domain (fkgrie.top) (policy.rules) 2821047 - ProApps POLICY DNS Query to .onion proxy Domain (5kti58.top) (policy.rules) 2821048 - ProApps POLICY DNS Query to .onion proxy Domain (xmfkr8.top) (policy.rules) 2821049 - ProApps POLICY DNS Query to .onion proxy Domain (to6maq.top) (policy.rules) 2821050 - ProApps POLICY DNS Query to .onion proxy Domain (vmfur5.top) (policy.rules) 2821051 - ProApps POLICY DNS Query to .onion proxy Domain (lfotp5.top) (policy.rules) 2821052 - ProApps POLICY DNS Query to .onion proxy Domain (we34re.top) (policy.rules) 2821108 - ProApps POLICY DNS Query to .onion proxy Domain (adevf4.win) (policy.rules) 2821112 - ProApps POLICY DNS Query to .onion proxy Domain (fgfid6.top) (policy.rules) 2821113 - ProApps POLICY DNS Query to .onion proxy Domain (fkr84i.win) (policy.rules) 2821114 - ProApps POLICY DNS Query to .onion proxy Domain (45gf4t.win) (policy.rules) 2821151 - ProApps POLICY DNS Query to .onion proxy Domain (cmti5o.win) (policy.rules) 2821214 - ProApps POLICY DNS Query to .onion proxy Domain (asd3r3.top) (policy.rules) 2821217 - ProApps POLICY DNS Query to .onion proxy Domain (bestfordownload.click) (policy.rules) 2821218 - ProApps POLICY DNS Query to .onion proxy Domain (6ogy3i.top) (policy.rules) 2821220 - ProApps POLICY DNS Query to .onion proxy Domain (7jiff7.top) (policy.rules) 2821221 - ProApps POLICY DNS Query to .onion proxy Domain (o08a6d.top) (policy.rules) 2821222 - ProApps POLICY DNS Query to .onion proxy Domain (k7oud1.top) (policy.rules) 2821223 - ProApps POLICY DNS Query to .onion proxy Domain (gletterstan.trade) (policy.rules) 2821224 - ProApps POLICY DNS Query to .onion proxy Domain (j92msu.top) (policy.rules) 2821239 - ProApps POLICY DNS Query to .onion proxy Domain (g0ots2.top) (policy.rules) 2821241 - ProApps POLICY DNS Query to .onion proxy Domain (wer56t.top) (policy.rules) 2821242 - ProApps POLICY DNS Query to .onion proxy Domain (kml2o2.top) (policy.rules) 2821243 - ProApps POLICY DNS Query to .onion proxy Domain (ka0te8.top) (policy.rules) 2821246 - ProApps POLICY DNS Query to .onion proxy Domain (moonsides.faith) (policy.rules) 2821249 - ProApps POLICY DNS Query to .onion proxy Domain (9nj8ex.top) (policy.rules) 2821254 - ProApps POLICY DNS Query to .onion proxy Domain (bigfooters.loan) (policy.rules) 2821255 - ProApps POLICY DNS Query to .onion proxy Domain (c7ex9n.top) (policy.rules) 2821256 - ProApps POLICY DNS Query to .onion proxy Domain (viceled.pw) (policy.rules) 2821257 - ProApps POLICY DNS Query to .onion proxy Domain (ujtwhg.top) (policy.rules) 2821258 - ProApps POLICY DNS Query to .onion proxy Domain (9ildst.top) (policy.rules) 2821260 - ProApps POLICY DNS Query to .onion proxy Domain (marksgain.kim) (policy.rules) 2821261 - ProApps POLICY DNS Query to .onion proxy Domain (ep493u.top) (policy.rules) 2821262 - ProApps POLICY DNS Query to .onion proxy Domain (nameuser.site) (policy.rules) 2821263 - ProApps POLICY DNS Query to .onion proxy Domain (fgkr56.top) (policy.rules) 2821266 - ProApps POLICY DNS Query to .onion proxy Domain (p2lsgr.top) (policy.rules) 2821267 - ProApps POLICY DNS Query to .onion proxy Domain (o2dval.top) (policy.rules) 2821268 - ProApps POLICY DNS Query to .onion proxy Domain (chargecar.vip) (policy.rules) 2821269 - ProApps POLICY DNS Query to .onion proxy Domain (cmri58.top) (policy.rules) 2821270 - ProApps POLICY DNS Query to .onion proxy Domain (p8rruv.top) (policy.rules) 2821272 - ProApps POLICY DNS Query to .onion proxy Domain (xkfi59.top) (policy.rules) 2821273 - ProApps POLICY DNS Query to .onion proxy Domain (x1kofw.top) (policy.rules) 2821275 - ProApps POLICY DNS Query to .onion proxy Domain (58na23.top) (policy.rules) 2821276 - ProApps POLICY DNS Query to .onion proxy Domain (zclw5i.top) (policy.rules) 2821278 - ProApps POLICY DNS Query to .onion proxy Domain (5b1s82.top) (policy.rules) 2821279 - ProApps POLICY DNS Query to .onion proxy Domain (hasterlyston.cloud) (policy.rules) 2821281 - ProApps POLICY DNS Query to .onion proxy Domain (xmfru5.top) (policy.rules) 2821282 - ProApps POLICY DNS Query to .onion proxy Domain (laverhants.link) (policy.rules) 2821283 - ProApps POLICY DNS Query to .onion proxy Domain (kcufx4.top) (policy.rules) 2821284 - ProApps POLICY DNS Query to .onion proxy Domain (0225r5.top) (policy.rules) 2821285 - ProApps POLICY DNS Query to .onion proxy Domain (lk0bzc.top) (policy.rules) 2821286 - ProApps POLICY DNS Query to .onion proxy Domain (hlu8yz.top) (policy.rules) 2821288 - ProApps POLICY DNS Query to .onion proxy Domain (azwsxe.top) (policy.rules) 2821291 - ProApps POLICY DNS Query to .onion proxy Domain (thyx30.top) (policy.rules) 2821293 - ProApps POLICY DNS Query to .onion proxy Domain (grewmarks.vip) (policy.rules) 2821294 - ProApps POLICY DNS Query to .onion proxy Domain (4oti58.top) (policy.rules) 2821295 - ProApps POLICY DNS Query to .onion proxy Domain (3lhjyx.top) (policy.rules) 2821296 - ProApps POLICY DNS Query to .onion proxy Domain (mtxtul.top) (policy.rules) 2821298 - ProApps POLICY DNS Query to .onion proxy Domain (092vu8.top) (policy.rules) 2821299 - ProApps POLICY DNS Query to .onion proxy Domain (b7mciu.top) (policy.rules) 2821301 - ProApps POLICY DNS Query to .onion proxy Domain (self56.top) (policy.rules) 2821302 - ProApps POLICY DNS Query to .onion proxy Domain (sentowing.trade) (policy.rules) 2821303 - ProApps POLICY DNS Query to .onion proxy Domain (yv7l4b.top) (policy.rules) 2821304 - ProApps POLICY DNS Query to .onion proxy Domain (freshsdog.loan) (policy.rules) 2821306 - ProApps POLICY DNS Query to .onion proxy Domain (pap44w.top) (policy.rules) 2821307 - ProApps POLICY DNS Query to .onion proxy Domain (frn62e.top) (policy.rules) 2821428 - ProApps POLICY DNS Query to .onion proxy Domain (0vgu64.top) (policy.rules) 2821429 - ProApps POLICY DNS Query to .onion proxy Domain (143h2a.top) (policy.rules) 2821430 - ProApps POLICY DNS Query to .onion proxy Domain (1bipa9.top) (policy.rules) 2821431 - ProApps POLICY DNS Query to .onion proxy Domain (1de02r.top) (policy.rules) 2821434 - ProApps POLICY DNS Query to .onion proxy Domain (308an1.top) (policy.rules) 2821437 - ProApps POLICY DNS Query to .onion proxy Domain (3odvfb.top) (policy.rules) 2821438 - ProApps POLICY DNS Query to .onion proxy Domain (43wjor.top) (policy.rules) 2821439 - ProApps POLICY DNS Query to .onion proxy Domain (4ynpjd.top) (policy.rules) 2821441 - ProApps POLICY DNS Query to .onion proxy Domain (67j6ht.top) (policy.rules) 2821445 - ProApps POLICY DNS Query to .onion proxy Domain (ageshere.club) (policy.rules) 2821446 - ProApps POLICY DNS Query to .onion proxy Domain (anypicked.red) (policy.rules) 2821451 - ProApps POLICY DNS Query to .onion proxy Domain (apwzbe.top) (policy.rules) 2821453 - ProApps POLICY DNS Query to .onion proxy Domain (aredark.mobi) (policy.rules) 2821454 - ProApps POLICY DNS Query to .onion proxy Domain (barberryshin.casa) (policy.rules) 2821455 - ProApps POLICY DNS Query to .onion proxy Domain (biologyup.date) (policy.rules) 2821456 - ProApps POLICY DNS Query to .onion proxy Domain (bnctf6.top) (policy.rules) 2821457 - ProApps POLICY DNS Query to .onion proxy Domain (bookjumps.us) (policy.rules) 2821458 - ProApps POLICY DNS Query to .onion proxy Domain (boxsame.kim) (policy.rules) 2821460 - ProApps POLICY DNS Query to .onion proxy Domain (clockhate.loan) (policy.rules) 2821461 - ProApps POLICY DNS Query to .onion proxy Domain (costlady.pw) (policy.rules) 2821462 - ProApps POLICY DNS Query to .onion proxy Domain (crispkey.mobi) (policy.rules) 2821465 - ProApps POLICY DNS Query to .onion proxy Domain (dd4xo3.top) (policy.rules) 2821466 - ProApps POLICY DNS Query to .onion proxy Domain (dkrie7.top) (policy.rules) 2821467 - ProApps POLICY DNS Query to .onion proxy Domain (dkro3u.top) (policy.rules) 2821468 - ProApps POLICY DNS Query to .onion proxy Domain (doggain.mobi) (policy.rules) 2821469 - ProApps POLICY DNS Query to .onion proxy Domain (dozensby.loan) (policy.rules) 2821470 - ProApps POLICY DNS Query to .onion proxy Domain (eatsdeal.black) (policy.rules) 2821480 - ProApps POLICY DNS Query to .onion proxy Domain (fewbreaks.club) (policy.rules) 2821481 - ProApps POLICY DNS Query to .onion proxy Domain (fishtotal.bid) (policy.rules) 2821482 - ProApps POLICY DNS Query to .onion proxy Domain (flewleast.link) (policy.rules) 2821483 - ProApps POLICY DNS Query to .onion proxy Domain (flyingsix.red) (policy.rules) 2821484 - ProApps POLICY DNS Query to .onion proxy Domain (folkturns.date) (policy.rules) 2821485 - ProApps POLICY DNS Query to .onion proxy Domain (g9tneb.top) (policy.rules) 2821486 - ProApps POLICY DNS Query to .onion proxy Domain (gameswarm.loan) (policy.rules) 2821488 - ProApps POLICY DNS Query to .onion proxy Domain (gnee6i.top) (policy.rules) 2821489 - ProApps POLICY DNS Query to .onion proxy Domain (gonesolve.lol) (policy.rules) 2821490 - ProApps POLICY DNS Query to .onion proxy Domain (gpy3tc.top) (policy.rules) 2821491 - ProApps POLICY DNS Query to .onion proxy Domain (groupline.info) (policy.rules) 2821492 - ProApps POLICY DNS Query to .onion proxy Domain (gtnfgj.top) (policy.rules) 2821493 - ProApps POLICY DNS Query to .onion proxy Domain (hf60kb.top) (policy.rules) 2821494 - ProApps POLICY DNS Query to .onion proxy Domain (hw7o9w.top) (policy.rules) 2821495 - ProApps POLICY DNS Query to .onion proxy Domain (iixz3g.top) (policy.rules) 2821496 - ProApps POLICY DNS Query to .onion proxy Domain (innerband.lol) (policy.rules) 2821497 - ProApps POLICY DNS Query to .onion proxy Domain (jn8ncm.top) (policy.rules) 2821498 - ProApps POLICY DNS Query to .onion proxy Domain (jumplived.in) (policy.rules) 2821500 - ProApps POLICY DNS Query to .onion proxy Domain (knowhands.us) (policy.rules) 2821501 - ProApps POLICY DNS Query to .onion proxy Domain (kswcuk.top) (policy.rules) 2821503 - ProApps POLICY DNS Query to .onion proxy Domain (liescale.in) (policy.rules) 2821504 - ProApps POLICY DNS Query to .onion proxy Domain (lorrydo.lol) (policy.rules) 2821506 - ProApps POLICY DNS Query to .onion proxy Domain (metmet.win) (policy.rules) 2821507 - ProApps POLICY DNS Query to .onion proxy Domain (mileslook.pro) (policy.rules) 2821508 - ProApps POLICY DNS Query to .onion proxy Domain (msu96b.top) (policy.rules) 2821510 - ProApps POLICY DNS Query to .onion proxy Domain (nearlybut.us) (policy.rules) 2821511 - ProApps POLICY DNS Query to .onion proxy Domain (needmight.win) (policy.rules) 2821512 - ProApps POLICY DNS Query to .onion proxy Domain (nextask.loan) (policy.rules) 2821513 - ProApps POLICY DNS Query to .onion proxy Domain (nfgpeb.top) (policy.rules) 2821514 - ProApps POLICY DNS Query to .onion proxy Domain (ninedraws.black) (policy.rules) 2821515 - ProApps POLICY DNS Query to .onion proxy Domain (nowants.pw) (policy.rules) 2821516 - ProApps POLICY DNS Query to .onion proxy Domain (og5ezh.top) (policy.rules) 2821517 - ProApps POLICY DNS Query to .onion proxy Domain (plambers.bid) (policy.rules) 2821518 - ProApps POLICY DNS Query to .onion proxy Domain (plotbet.gdn) (policy.rules) 2821519 - ProApps POLICY DNS Query to .onion proxy Domain (powersno.link) (policy.rules) 2821532 - ProApps POLICY DNS Query to .onion proxy Domain (redefined.click) (policy.rules) 2821533 - ProApps POLICY DNS Query to .onion proxy Domain (relyleafs.click) (policy.rules) 2821534 - ProApps POLICY DNS Query to .onion proxy Domain (ridsimply.top) (policy.rules) 2821535 - ProApps POLICY DNS Query to .onion proxy Domain (rl0bdw.top) (policy.rules) 2821537 - ProApps POLICY DNS Query to .onion proxy Domain (sayssales.bid) (policy.rules) 2821538 - ProApps POLICY DNS Query to .onion proxy Domain (seenmust.pro) (policy.rules) 2821539 - ProApps POLICY DNS Query to .onion proxy Domain (sk8r54.top) (policy.rules) 2821540 - ProApps POLICY DNS Query to .onion proxy Domain (ssd5gt.top) (policy.rules) 2821541 - ProApps POLICY DNS Query to .onion proxy Domain (stopsage.gdn) (policy.rules) 2821542 - ProApps POLICY DNS Query to .onion proxy Domain (thanreal.link) (policy.rules) 2821543 - ProApps POLICY DNS Query to .onion proxy Domain (themevery.win) (policy.rules) 2821544 - ProApps POLICY DNS Query to .onion proxy Domain (topicside.club) (policy.rules) 2821545 - ProApps POLICY DNS Query to .onion proxy Domain (v11z5e.top) (policy.rules) 2821546 - ProApps POLICY DNS Query to .onion proxy Domain (variedtax.kim) (policy.rules) 2821547 - ProApps POLICY DNS Query to .onion proxy Domain (vkm4l6.top) (policy.rules) 2821550 - ProApps POLICY DNS Query to .onion proxy Domain (wonrough.in) (policy.rules) 2821551 - ProApps POLICY DNS Query to .onion proxy Domain (worsemine.pro) (policy.rules) 2821552 - ProApps POLICY DNS Query to .onion proxy Domain (wz139z.top) (policy.rules) 2821554 - ProApps POLICY DNS Query to .onion proxy Domain (y721yz.top) (policy.rules) 2821556 - ProApps POLICY DNS Query to .onion proxy Domain (z7ud98.top) (policy.rules) 2822619 - ProApps TROJAN Unknown Backdoor UA (trojan.rules) [***] ProApps Security IDS Rules Changelog started Thu Oct 13 16:06:49 2016 [***] [+++] Added rules: 36 [+++] 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules) 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules) 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules) 2822597 - ProApps MOBILE_MALWARE Android.Trojan.SLocker.IE Checkin 2 (mobile_malware.rules) 2822598 - ProApps TROJAN Win32/CONFUCIUS_B SSL Cert (trojan.rules) 2822599 - ProApps TROJAN Win32/CONFUCIUS_B External IP Check to CnC (trojan.rules) 2822600 - ProApps TROJAN Win32/CONFUCIUS_A CnC Beacon (trojan.rules) 2822601 - ProApps TROJAN Backdoor.Win32.Mocker CnC Beacon (GET) (trojan.rules) 2822602 - ProApps CURRENT_EVENTS Phishing Landing via Webeden.net (set) Oct 13 (current_events.rules) 2822603 - ProApps CURRENT_EVENTS Phishing Landing via Webeden.net Oct 13 2016 (current_events.rules) 2822604 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 1) (trojan.rules) 2822605 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 2) (trojan.rules) 2822606 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 3) (trojan.rules) 2822607 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 4) (trojan.rules) 2822608 - ProApps TROJAN DNS Query to Cerber Domain (u2r7tm.bid) (trojan.rules) 2822609 - ProApps TROJAN DNS Query to Cerber Domain (gvoafg.bid) (trojan.rules) 2822610 - ProApps TROJAN DNS Query to Cerber Domain (zbj2kc.bid) (trojan.rules) 2822611 - ProApps TROJAN DNS Query to Cerber Domain (2y4t6f.bid) (trojan.rules) 2822612 - ProApps TROJAN DNS Query to Cerber Domain (w6sj06.bid) (trojan.rules) 2822613 - ProApps TROJAN DNS Query to Cerber Domain (8zi4pf.bid) (trojan.rules) 2822614 - ProApps TROJAN DNS Query to Cerber Domain (tauunm.bid) (trojan.rules) 2822615 - ProApps TROJAN DNS Query to Cerber Domain (56185u.top) (trojan.rules) 2822616 - ProApps TROJAN DNS Query to Cerber Domain (vmotsf.bid) (trojan.rules) 2822617 - ProApps TROJAN DNS Query to Cerber Domain (drawsif.loan) (trojan.rules) 2822618 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Sugs.a Checkin (mobile_malware.rules) 2822619 - ProApps TROJAN Unknown Backdoor UA (trojan.rules) 2822620 - ProApps TROJAN Win32/Wemosis.C Checkin (trojan.rules) 2822621 - ProApps TROJAN Likely APT29 Stage2 SSL Cert (trojan.rules) 2822622 - ProApps TROJAN Likely APT29 Retrieving Payload Embedded In PNG 3 (trojan.rules) 2822623 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 1) (trojan.rules) 2822624 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 2) (trojan.rules) 2822625 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 3) (trojan.rules) 2822626 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 4) (trojan.rules) 2822627 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-13 5) (trojan.rules) [+++] Modify rules: 277 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2820268 - ProApps POLICY DNS Query to .onion proxy Domain (kipfgs65s.com) (policy.rules) 2820269 - ProApps POLICY DNS Query to .onion proxy Domain (fastpaybtc.com) (policy.rules) 2820284 - ProApps POLICY DNS Query to .onion proxy Domain (easypaybtc.com) (policy.rules) 2820408 - ProApps POLICY DNS Query to .onion proxy Domain (tewoaq.win) (policy.rules) 2820409 - ProApps POLICY DNS Query to .onion proxy Domain (red4is.win) (policy.rules) 2820411 - ProApps POLICY DNS Query to .onion proxy Domain (to6maq.win) (policy.rules) 2820412 - ProApps POLICY DNS Query to .onion proxy Domain (maqwe5.win) (policy.rules) 2820413 - ProApps POLICY DNS Query to .onion proxy Domain (wewiso.win) (policy.rules) 2820414 - ProApps POLICY DNS Query to .onion proxy Domain (nerti5.win) (policy.rules) 2820415 - ProApps POLICY DNS Query to .onion proxy Domain (raress.win) (policy.rules) 2820416 - ProApps POLICY DNS Query to .onion proxy Domain (workju.win) (policy.rules) 2820417 - ProApps POLICY DNS Query to .onion proxy Domain (wet4io.win) (policy.rules) 2820418 - ProApps POLICY DNS Query to .onion proxy Domain (mix3hi.win) (policy.rules) 2820419 - ProApps POLICY DNS Query to .onion proxy Domain (oneswi.win) (policy.rules) 2820420 - ProApps POLICY DNS Query to .onion proxy Domain (lib2vi.win) (policy.rules) 2820421 - ProApps POLICY DNS Query to .onion proxy Domain (tigifc.win) (policy.rules) 2820422 - ProApps POLICY DNS Query to .onion proxy Domain (ti4wic.win) (policy.rules) 2820423 - ProApps POLICY DNS Query to .onion proxy Domain (amdeu5.win) (policy.rules) 2820424 - ProApps POLICY DNS Query to .onion proxy Domain (moneu5.win) (policy.rules) 2820425 - ProApps POLICY DNS Query to .onion proxy Domain (m5gid4.win) (policy.rules) 2820426 - ProApps POLICY DNS Query to .onion proxy Domain (m5fgoi.win) (policy.rules) 2820427 - ProApps POLICY DNS Query to .onion proxy Domain (wins4n.win) (policy.rules) 2820428 - ProApps POLICY DNS Query to .onion proxy Domain (m5gips.win) (policy.rules) 2820496 - ProApps POLICY DNS Query to .onion proxy Domain (azwsxe.win) (policy.rules) 2820497 - ProApps POLICY DNS Query to .onion proxy Domain (xzcfr4.win) (policy.rules) 2820498 - ProApps POLICY DNS Query to .onion proxy Domain (asd3r3.win) (policy.rules) 2820499 - ProApps POLICY DNS Query to .onion proxy Domain (fgfid6.win) (policy.rules) 2820500 - ProApps POLICY DNS Query to .onion proxy Domain (werti4.win) (policy.rules) 2820501 - ProApps POLICY DNS Query to .onion proxy Domain (azlto5.win) (policy.rules) 2820502 - ProApps POLICY DNS Query to .onion proxy Domain (sdfiso.win) (policy.rules) 2820503 - ProApps POLICY DNS Query to .onion proxy Domain (ad34ft.win) (policy.rules) 2820504 - ProApps POLICY DNS Query to .onion proxy Domain (asxce4.win) (policy.rules) 2820505 - ProApps POLICY DNS Query to .onion proxy Domain (sims6n.win) (policy.rules) 2820507 - ProApps POLICY DNS Query to .onion proxy Domain (45kgok.win) (policy.rules) 2820716 - ProApps POLICY DNS Query to .onion proxy Domain (lfotp5.win) (policy.rules) 2820717 - ProApps POLICY DNS Query to .onion proxy Domain (6oifgr.win) (policy.rules) 2820718 - ProApps POLICY DNS Query to .onion proxy Domain (zx34jk.win) (policy.rules) 2820720 - ProApps POLICY DNS Query to .onion proxy Domain (xo59ok.win) (policy.rules) 2820721 - ProApps POLICY DNS Query to .onion proxy Domain (rt4e34.win) (policy.rules) 2820722 - ProApps POLICY DNS Query to .onion proxy Domain (as13fd.win) (policy.rules) 2820723 - ProApps POLICY DNS Query to .onion proxy Domain (xlfp45.win) (policy.rules) 2820724 - ProApps POLICY DNS Query to .onion proxy Domain (xltnet.win) (policy.rules) 2820725 - ProApps POLICY DNS Query to .onion proxy Domain (ret5kr.win) (policy.rules) 2820726 - ProApps POLICY DNS Query to .onion proxy Domain (xmfhr6.win) (policy.rules) 2820729 - ProApps POLICY DNS Query to .onion proxy Domain (slr849.win) (policy.rules) 2820730 - ProApps POLICY DNS Query to .onion proxy Domain (zgf48j.win) (policy.rules) 2820818 - ProApps POLICY DNS Query to .onion proxy Domain (dkrti5.win) (policy.rules) 2820819 - ProApps POLICY DNS Query to .onion proxy Domain (vmfu48.win) (policy.rules) 2820820 - ProApps POLICY DNS Query to .onion proxy Domain (gkfit9.win) (policy.rules) 2820821 - ProApps POLICY DNS Query to .onion proxy Domain (cneo59.win) (policy.rules) 2820823 - ProApps POLICY DNS Query to .onion proxy Domain (xmfir0.win) (policy.rules) 2820865 - ProApps POLICY DNS Query to .onion proxy Domain (305iot.win) (policy.rules) 2820866 - ProApps POLICY DNS Query to .onion proxy Domain (djre89.win) (policy.rules) 2820867 - ProApps POLICY DNS Query to .onion proxy Domain (fkri48.win) (policy.rules) 2820869 - ProApps POLICY DNS Query to .onion proxy Domain (xmfjr7.top) (policy.rules) 2820992 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Svpeng.s Checkin (mobile_malware.rules) 2821007 - ProApps POLICY DNS Query to .onion proxy Domain (xtrvb4.win) (policy.rules) 2821008 - ProApps POLICY DNS Query to .onion proxy Domain (ie7t8k.top) (policy.rules) 2821010 - ProApps POLICY DNS Query to .onion proxy Domain (alri58.win) (policy.rules) 2821013 - ProApps POLICY DNS Query to .onion proxy Domain (fkgrie.top) (policy.rules) 2821047 - ProApps POLICY DNS Query to .onion proxy Domain (5kti58.top) (policy.rules) 2821048 - ProApps POLICY DNS Query to .onion proxy Domain (xmfkr8.top) (policy.rules) 2821049 - ProApps POLICY DNS Query to .onion proxy Domain (to6maq.top) (policy.rules) 2821050 - ProApps POLICY DNS Query to .onion proxy Domain (vmfur5.top) (policy.rules) 2821051 - ProApps POLICY DNS Query to .onion proxy Domain (lfotp5.top) (policy.rules) 2821052 - ProApps POLICY DNS Query to .onion proxy Domain (we34re.top) (policy.rules) 2821096 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821108 - ProApps POLICY DNS Query to .onion proxy Domain (adevf4.win) (policy.rules) 2821112 - ProApps POLICY DNS Query to .onion proxy Domain (fgfid6.top) (policy.rules) 2821113 - ProApps POLICY DNS Query to .onion proxy Domain (fkr84i.win) (policy.rules) 2821114 - ProApps POLICY DNS Query to .onion proxy Domain (45gf4t.win) (policy.rules) 2821151 - ProApps POLICY DNS Query to .onion proxy Domain (cmti5o.win) (policy.rules) 2821192 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821193 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821214 - ProApps POLICY DNS Query to .onion proxy Domain (asd3r3.top) (policy.rules) 2821217 - ProApps POLICY DNS Query to .onion proxy Domain (bestfordownload.click) (policy.rules) 2821218 - ProApps POLICY DNS Query to .onion proxy Domain (6ogy3i.top) (policy.rules) 2821220 - ProApps POLICY DNS Query to .onion proxy Domain (7jiff7.top) (policy.rules) 2821221 - ProApps POLICY DNS Query to .onion proxy Domain (o08a6d.top) (policy.rules) 2821222 - ProApps POLICY DNS Query to .onion proxy Domain (k7oud1.top) (policy.rules) 2821223 - ProApps POLICY DNS Query to .onion proxy Domain (gletterstan.trade) (policy.rules) 2821224 - ProApps POLICY DNS Query to .onion proxy Domain (j92msu.top) (policy.rules) 2821239 - ProApps POLICY DNS Query to .onion proxy Domain (g0ots2.top) (policy.rules) 2821241 - ProApps POLICY DNS Query to .onion proxy Domain (wer56t.top) (policy.rules) 2821242 - ProApps POLICY DNS Query to .onion proxy Domain (kml2o2.top) (policy.rules) 2821243 - ProApps POLICY DNS Query to .onion proxy Domain (ka0te8.top) (policy.rules) 2821246 - ProApps POLICY DNS Query to .onion proxy Domain (moonsides.faith) (policy.rules) 2821249 - ProApps POLICY DNS Query to .onion proxy Domain (9nj8ex.top) (policy.rules) 2821254 - ProApps POLICY DNS Query to .onion proxy Domain (bigfooters.loan) (policy.rules) 2821255 - ProApps POLICY DNS Query to .onion proxy Domain (c7ex9n.top) (policy.rules) 2821256 - ProApps POLICY DNS Query to .onion proxy Domain (viceled.pw) (policy.rules) 2821257 - ProApps POLICY DNS Query to .onion proxy Domain (ujtwhg.top) (policy.rules) 2821258 - ProApps POLICY DNS Query to .onion proxy Domain (9ildst.top) (policy.rules) 2821260 - ProApps POLICY DNS Query to .onion proxy Domain (marksgain.kim) (policy.rules) 2821261 - ProApps POLICY DNS Query to .onion proxy Domain (ep493u.top) (policy.rules) 2821262 - ProApps POLICY DNS Query to .onion proxy Domain (nameuser.site) (policy.rules) 2821263 - ProApps POLICY DNS Query to .onion proxy Domain (fgkr56.top) (policy.rules) 2821266 - ProApps POLICY DNS Query to .onion proxy Domain (p2lsgr.top) (policy.rules) 2821267 - ProApps POLICY DNS Query to .onion proxy Domain (o2dval.top) (policy.rules) 2821268 - ProApps POLICY DNS Query to .onion proxy Domain (chargecar.vip) (policy.rules) 2821269 - ProApps POLICY DNS Query to .onion proxy Domain (cmri58.top) (policy.rules) 2821270 - ProApps POLICY DNS Query to .onion proxy Domain (p8rruv.top) (policy.rules) 2821272 - ProApps POLICY DNS Query to .onion proxy Domain (xkfi59.top) (policy.rules) 2821273 - ProApps POLICY DNS Query to .onion proxy Domain (x1kofw.top) (policy.rules) 2821275 - ProApps POLICY DNS Query to .onion proxy Domain (58na23.top) (policy.rules) 2821276 - ProApps POLICY DNS Query to .onion proxy Domain (zclw5i.top) (policy.rules) 2821278 - ProApps POLICY DNS Query to .onion proxy Domain (5b1s82.top) (policy.rules) 2821279 - ProApps POLICY DNS Query to .onion proxy Domain (hasterlyston.cloud) (policy.rules) 2821281 - ProApps POLICY DNS Query to .onion proxy Domain (xmfru5.top) (policy.rules) 2821282 - ProApps POLICY DNS Query to .onion proxy Domain (laverhants.link) (policy.rules) 2821283 - ProApps POLICY DNS Query to .onion proxy Domain (kcufx4.top) (policy.rules) 2821284 - ProApps POLICY DNS Query to .onion proxy Domain (0225r5.top) (policy.rules) 2821285 - ProApps POLICY DNS Query to .onion proxy Domain (lk0bzc.top) (policy.rules) 2821286 - ProApps POLICY DNS Query to .onion proxy Domain (hlu8yz.top) (policy.rules) 2821288 - ProApps POLICY DNS Query to .onion proxy Domain (azwsxe.top) (policy.rules) 2821291 - ProApps POLICY DNS Query to .onion proxy Domain (thyx30.top) (policy.rules) 2821293 - ProApps POLICY DNS Query to .onion proxy Domain (grewmarks.vip) (policy.rules) 2821294 - ProApps POLICY DNS Query to .onion proxy Domain (4oti58.top) (policy.rules) 2821295 - ProApps POLICY DNS Query to .onion proxy Domain (3lhjyx.top) (policy.rules) 2821296 - ProApps POLICY DNS Query to .onion proxy Domain (mtxtul.top) (policy.rules) 2821298 - ProApps POLICY DNS Query to .onion proxy Domain (092vu8.top) (policy.rules) 2821299 - ProApps POLICY DNS Query to .onion proxy Domain (b7mciu.top) (policy.rules) 2821301 - ProApps POLICY DNS Query to .onion proxy Domain (self56.top) (policy.rules) 2821302 - ProApps POLICY DNS Query to .onion proxy Domain (sentowing.trade) (policy.rules) 2821303 - ProApps POLICY DNS Query to .onion proxy Domain (yv7l4b.top) (policy.rules) 2821304 - ProApps POLICY DNS Query to .onion proxy Domain (freshsdog.loan) (policy.rules) 2821306 - ProApps POLICY DNS Query to .onion proxy Domain (pap44w.top) (policy.rules) 2821307 - ProApps POLICY DNS Query to .onion proxy Domain (frn62e.top) (policy.rules) 2821352 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2821428 - ProApps POLICY DNS Query to .onion proxy Domain (0vgu64.top) (policy.rules) 2821429 - ProApps POLICY DNS Query to .onion proxy Domain (143h2a.top) (policy.rules) 2821430 - ProApps POLICY DNS Query to .onion proxy Domain (1bipa9.top) (policy.rules) 2821431 - ProApps POLICY DNS Query to .onion proxy Domain (1de02r.top) (policy.rules) 2821434 - ProApps POLICY DNS Query to .onion proxy Domain (308an1.top) (policy.rules) 2821437 - ProApps POLICY DNS Query to .onion proxy Domain (3odvfb.top) (policy.rules) 2821438 - ProApps POLICY DNS Query to .onion proxy Domain (43wjor.top) (policy.rules) 2821439 - ProApps POLICY DNS Query to .onion proxy Domain (4ynpjd.top) (policy.rules) 2821441 - ProApps POLICY DNS Query to .onion proxy Domain (67j6ht.top) (policy.rules) 2821445 - ProApps POLICY DNS Query to .onion proxy Domain (ageshere.club) (policy.rules) 2821446 - ProApps POLICY DNS Query to .onion proxy Domain (anypicked.red) (policy.rules) 2821451 - ProApps POLICY DNS Query to .onion proxy Domain (apwzbe.top) (policy.rules) 2821453 - ProApps POLICY DNS Query to .onion proxy Domain (aredark.mobi) (policy.rules) 2821454 - ProApps POLICY DNS Query to .onion proxy Domain (barberryshin.casa) (policy.rules) 2821455 - ProApps POLICY DNS Query to .onion proxy Domain (biologyup.date) (policy.rules) 2821456 - ProApps POLICY DNS Query to .onion proxy Domain (bnctf6.top) (policy.rules) 2821457 - ProApps POLICY DNS Query to .onion proxy Domain (bookjumps.us) (policy.rules) 2821458 - ProApps POLICY DNS Query to .onion proxy Domain (boxsame.kim) (policy.rules) 2821460 - ProApps POLICY DNS Query to .onion proxy Domain (clockhate.loan) (policy.rules) 2821461 - ProApps POLICY DNS Query to .onion proxy Domain (costlady.pw) (policy.rules) 2821462 - ProApps POLICY DNS Query to .onion proxy Domain (crispkey.mobi) (policy.rules) 2821465 - ProApps POLICY DNS Query to .onion proxy Domain (dd4xo3.top) (policy.rules) 2821466 - ProApps POLICY DNS Query to .onion proxy Domain (dkrie7.top) (policy.rules) 2821467 - ProApps POLICY DNS Query to .onion proxy Domain (dkro3u.top) (policy.rules) 2821468 - ProApps POLICY DNS Query to .onion proxy Domain (doggain.mobi) (policy.rules) 2821469 - ProApps POLICY DNS Query to .onion proxy Domain (dozensby.loan) (policy.rules) 2821470 - ProApps POLICY DNS Query to .onion proxy Domain (eatsdeal.black) (policy.rules) 2821480 - ProApps POLICY DNS Query to .onion proxy Domain (fewbreaks.club) (policy.rules) 2821481 - ProApps POLICY DNS Query to .onion proxy Domain (fishtotal.bid) (policy.rules) 2821482 - ProApps POLICY DNS Query to .onion proxy Domain (flewleast.link) (policy.rules) 2821483 - ProApps POLICY DNS Query to .onion proxy Domain (flyingsix.red) (policy.rules) 2821484 - ProApps POLICY DNS Query to .onion proxy Domain (folkturns.date) (policy.rules) 2821485 - ProApps POLICY DNS Query to .onion proxy Domain (g9tneb.top) (policy.rules) 2821486 - ProApps POLICY DNS Query to .onion proxy Domain (gameswarm.loan) (policy.rules) 2821488 - ProApps POLICY DNS Query to .onion proxy Domain (gnee6i.top) (policy.rules) 2821489 - ProApps POLICY DNS Query to .onion proxy Domain (gonesolve.lol) (policy.rules) 2821490 - ProApps POLICY DNS Query to .onion proxy Domain (gpy3tc.top) (policy.rules) 2821491 - ProApps POLICY DNS Query to .onion proxy Domain (groupline.info) (policy.rules) 2821492 - ProApps POLICY DNS Query to .onion proxy Domain (gtnfgj.top) (policy.rules) 2821493 - ProApps POLICY DNS Query to .onion proxy Domain (hf60kb.top) (policy.rules) 2821494 - ProApps POLICY DNS Query to .onion proxy Domain (hw7o9w.top) (policy.rules) 2821495 - ProApps POLICY DNS Query to .onion proxy Domain (iixz3g.top) (policy.rules) 2821496 - ProApps POLICY DNS Query to .onion proxy Domain (innerband.lol) (policy.rules) 2821497 - ProApps POLICY DNS Query to .onion proxy Domain (jn8ncm.top) (policy.rules) 2821498 - ProApps POLICY DNS Query to .onion proxy Domain (jumplived.in) (policy.rules) 2821500 - ProApps POLICY DNS Query to .onion proxy Domain (knowhands.us) (policy.rules) 2821501 - ProApps POLICY DNS Query to .onion proxy Domain (kswcuk.top) (policy.rules) 2821503 - ProApps POLICY DNS Query to .onion proxy Domain (liescale.in) (policy.rules) 2821504 - ProApps POLICY DNS Query to .onion proxy Domain (lorrydo.lol) (policy.rules) 2821506 - ProApps POLICY DNS Query to .onion proxy Domain (metmet.win) (policy.rules) 2821507 - ProApps POLICY DNS Query to .onion proxy Domain (mileslook.pro) (policy.rules) 2821508 - ProApps POLICY DNS Query to .onion proxy Domain (msu96b.top) (policy.rules) 2821510 - ProApps POLICY DNS Query to .onion proxy Domain (nearlybut.us) (policy.rules) 2821511 - ProApps POLICY DNS Query to .onion proxy Domain (needmight.win) (policy.rules) 2821512 - ProApps POLICY DNS Query to .onion proxy Domain (nextask.loan) (policy.rules) 2821513 - ProApps POLICY DNS Query to .onion proxy Domain (nfgpeb.top) (policy.rules) 2821514 - ProApps POLICY DNS Query to .onion proxy Domain (ninedraws.black) (policy.rules) 2821515 - ProApps POLICY DNS Query to .onion proxy Domain (nowants.pw) (policy.rules) 2821516 - ProApps POLICY DNS Query to .onion proxy Domain (og5ezh.top) (policy.rules) 2821517 - ProApps POLICY DNS Query to .onion proxy Domain (plambers.bid) (policy.rules) 2821518 - ProApps POLICY DNS Query to .onion proxy Domain (plotbet.gdn) (policy.rules) 2821519 - ProApps POLICY DNS Query to .onion proxy Domain (powersno.link) (policy.rules) 2821532 - ProApps POLICY DNS Query to .onion proxy Domain (redefined.click) (policy.rules) 2821533 - ProApps POLICY DNS Query to .onion proxy Domain (relyleafs.click) (policy.rules) 2821534 - ProApps POLICY DNS Query to .onion proxy Domain (ridsimply.top) (policy.rules) 2821535 - ProApps POLICY DNS Query to .onion proxy Domain (rl0bdw.top) (policy.rules) 2821537 - ProApps POLICY DNS Query to .onion proxy Domain (sayssales.bid) (policy.rules) 2821538 - ProApps POLICY DNS Query to .onion proxy Domain (seenmust.pro) (policy.rules) 2821539 - ProApps POLICY DNS Query to .onion proxy Domain (sk8r54.top) (policy.rules) 2821540 - ProApps POLICY DNS Query to .onion proxy Domain (ssd5gt.top) (policy.rules) 2821541 - ProApps POLICY DNS Query to .onion proxy Domain (stopsage.gdn) (policy.rules) 2821542 - ProApps POLICY DNS Query to .onion proxy Domain (thanreal.link) (policy.rules) 2821543 - ProApps POLICY DNS Query to .onion proxy Domain (themevery.win) (policy.rules) 2821544 - ProApps POLICY DNS Query to .onion proxy Domain (topicside.club) (policy.rules) 2821545 - ProApps POLICY DNS Query to .onion proxy Domain (v11z5e.top) (policy.rules) 2821546 - ProApps POLICY DNS Query to .onion proxy Domain (variedtax.kim) (policy.rules) 2821547 - ProApps POLICY DNS Query to .onion proxy Domain (vkm4l6.top) (policy.rules) 2821550 - ProApps POLICY DNS Query to .onion proxy Domain (wonrough.in) (policy.rules) 2821551 - ProApps POLICY DNS Query to .onion proxy Domain (worsemine.pro) (policy.rules) 2821552 - ProApps POLICY DNS Query to .onion proxy Domain (wz139z.top) (policy.rules) 2821554 - ProApps POLICY DNS Query to .onion proxy Domain (y721yz.top) (policy.rules) 2821556 - ProApps POLICY DNS Query to .onion proxy Domain (z7ud98.top) (policy.rules) 2821781 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules) 2822579 - ProApps TROJAN Backdoor.Win32.Mocker Variant Checkin M1 (trojan.rules) 2822580 - ProApps TROJAN Backdoor.Win32.Mocker Variant Checkin M2 (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Wed Oct 12 16:31:41 2016 [***] [+++] Added rules: 41 [+++] 2023334 - ProApps TROJAN Enigma Locker Checkin (trojan.rules) 2023335 - ProApps TROJAN Nuke Ransomware Checkin (trojan.rules) 2023336 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2822559 - ProApps MALWARE MSIL/Adware.CloudGuard.D Checkin M1 (malware.rules) 2822560 - ProApps MALWARE MSIL/Adware.CloudGuard.D Checkin M2 (malware.rules) 2822561 - ProApps CURRENT_EVENTS Successful Personalized DHL Phish Oct 11 2016 (current_events.rules) 2822562 - ProApps CURRENT_EVENTS Successful Google Drive Shared Document Phish Oct 11 2016 (current_events.rules) 2822563 - ProApps CURRENT_EVENTS Successful Rabobank Phish M1 Oct 11 2016 (current_events.rules) 2822564 - ProApps CURRENT_EVENTS Successful Rabobank Phish M2 Oct 11 2016 (current_events.rules) 2822565 - ProApps CURRENT_EVENTS Successful Rabobank Phish M3 Oct 11 2016 (current_events.rules) 2822566 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 11 2016 (current_events.rules) 2822567 - ProApps CURRENT_EVENTS Successful Gmail Phish M1 Oct 11 2016 (current_events.rules) 2822568 - ProApps CURRENT_EVENTS Successful Gmail Phish M2 Oct 11 2016 (current_events.rules) 2822569 - ProApps CURRENT_EVENTS Successful Chase Phish Oct 11 2016 (current_events.rules) 2822570 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 11 2016 (current_events.rules) 2822571 - ProApps CURRENT_EVENTS Successful Generic PDF Online Phish Oct 11 2016 (current_events.rules) 2822572 - ProApps CURRENT_EVENTS Successful Adobe PDF Phish Oct 11 2016 (current_events.rules) 2822573 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 11 2016 (current_events.rules) 2822574 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-11 1) (trojan.rules) 2822575 - ProApps TROJAN StrongPity SSL Cert 1 (trojan.rules) 2822576 - ProApps TROJAN StrongPity SSL Cert 2 (trojan.rules) 2822577 - ProApps TROJAN Malicious SSL certificate detected (Odinaff CnC) (trojan.rules) 2822578 - ProApps TROJAN Malicious SSL certificate detected (Odinaff CnC) (trojan.rules) 2822579 - ProApps TROJAN Backdoor.Win32.Mocker/Korplug Variant Checkin M1 (trojan.rules) 2822580 - ProApps TROJAN Backdoor.Win32.Mocker/Korplug Variant Checkin M2 (trojan.rules) 2822581 - ProApps TROJAN PoisonIvy Keepalive to CnC 562 (trojan.rules) 2822582 - ProApps TROJAN PoisonIvy Keepalive to CnC 563 (trojan.rules) 2822583 - ProApps TROJAN PoisonIvy Keepalive to CnC 564 (trojan.rules) 2822584 - ProApps TROJAN Ursnif Variant CnC Beacon 6 (trojan.rules) 2822585 - ProApps TROJAN Observed Malicious SSL Cert (Zeus Panda) (trojan.rules) 2822586 - ProApps CURRENT_EVENTS Successful Ebay Phish Oct 12 2016 (current_events.rules) 2822587 - ProApps CURRENT_EVENTS Successful Linkedin Phish Oct 12 2016 (current_events.rules) 2822588 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 12 2016 (current_events.rules) 2822589 - ProApps CURRENT_EVENTS Successful Netflix Phish Oct 12 2016 (current_events.rules) 2822590 - ProApps CURRENT_EVENTS Successful HBL Bank Phish M1 Oct 12 2016 (current_events.rules) 2822591 - ProApps CURRENT_EVENTS Successful HBL Bank Phish M2 Oct 12 2016 (current_events.rules) 2822592 - ProApps CURRENT_EVENTS Successful Facebook Phish Oct 12 2016 (current_events.rules) 2822593 - ProApps CURRENT_EVENTS Successful CenturyLink Phish Oct 12 2016 (current_events.rules) 2822594 - ProApps CURRENT_EVENTS Successful SelectAccount Phish Oct 12 2016 (current_events.rules) 2822595 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 12 2016 (current_events.rules) 2822596 - ProApps TROJAN Win32/Philadelphia Ransomware Encryption Activity (trojan.rules) [+++] Modify rules: 71 [+++] 2020215 - ProApps TROJAN Backdoor.Win32.PcClient.bal CnC (OUTBOUND) 5 (trojan.rules) 2021752 - ProApps CURRENT_EVENTS SUSPICIOUS Likely Neutrino EK or other EK IE Flash request to DYNDNS set non-standard filename (current_events.rules) 2023237 - ProApps CURRENT_EVENTS Possible Fake AV Phone Scam Long Domain Sept 15 2016 (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2807120 - ProApps TROJAN Downloader/Win32.Zlob Checkin Response (trojan.rules) 2821767 - ProApps TROJAN W32/Joinme Dropper EXE DL (trojan.rules) 2822136 - ProApps TROJAN Win32/Philadelphia Ransomware CnC Checkin (trojan.rules) 2822216 - ProApps CURRENT_EVENTS Astrum EK Plugin Detect Reporitng URI Struct (current_events.rules) 2822331 - ProApps TROJAN Malicious SSL certificate detected (Odinaff CnC) (trojan.rules) [+++] Removed rules: 1 [+++] 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) [***] ProApps Security IDS Rules Changelog started Tue Oct 11 16:27:34 2016 [***] [+++] Added rules: 33 [+++] 2023333 - ProApps TROJAN Linux.Mirai Login Attempt (xc3511) (trojan.rules) 2822527 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3267) (web_client.rules) 2822528 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298) M1 (web_client.rules) 2822529 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298) M2 (web_client.rules) 2822530 - ProApps WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3331) (web_client.rules) 2822531 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer and Edge Memory Corruption Vulnerability (CVE-2016-3382) (web_client.rules) 2822532 - ProApps WEB_CLIENT Possible Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385) (web_client.rules) 2822533 - ProApps WEB_CLIENT Possible Microsoft Edge Memory Corruption (CVE-2016-3386) (web_client.rules) 2822534 - ProApps WEB_CLIENT Possible Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7189) (web_client.rules) 2822535 - ProApps WEB_CLIENT Possible Microsoft Edge Memory Corruption Vulnerability M1 (CVE-2016-7190) (web_client.rules) 2822536 - ProApps WEB_CLIENT Possible Microsoft Edge Memory Corruption Vulnerability M2 (CVE-2016-7190) (web_client.rules) 2822537 - ProApps EXPLOIT Possible Win32k Elevation of Privilege Vulnerability (CVE-2016-7191) (exploit.rules) 2822538 - ProApps WEB_CLIENT Possible Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194) (web_client.rules) 2822539 - ProApps EXPLOIT Adobe Flash Player Memory Corruption (CVE-2016-4273) (exploit.rules) 2822540 - ProApps EXPLOIT Adobe Acrobat Reader Heap Overflow (CVE-2016-6939) (exploit.rules) 2822541 - ProApps EXPLOIT Adobe Acrobat Reader Use After Free (CVE-2016-6946) (exploit.rules) 2822542 - ProApps EXPLOIT Adobe Acrobat Reader XSLT parsing engine Memory Corruption (CVE-2016-6960) (exploit.rules) 2822543 - ProApps EXPLOIT Flash Player Use After Free (CVE-2016-6981) (exploit.rules) 2822544 - ProApps MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup (mobile_malware.rules) 2822545 - ProApps MOBILE_MALWARE Backdoor.AndroidOS.Rittew.a DNS Lookup (mobile_malware.rules) 2822546 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules) 2822547 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.pac DNS Lookup (mobile_malware.rules) 2822548 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.q DNS Lookup (mobile_malware.rules) 2822549 - ProApps MALWARE Mailbot PUA Version Check (malware.rules) 2822550 - ProApps CURRENT_EVENTS Successful iCloud Phish Oct 10 2016 (current_events.rules) 2822551 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 10 2016 (current_events.rules) 2822552 - ProApps CURRENT_EVENTS Successful Gmail Phish Oct 10 2016 (current_events.rules) 2822553 - ProApps TROJAN PoisonIvy Keepalive to CnC 560 (trojan.rules) 2822554 - ProApps TROJAN PoisonIvy Keepalive to CnC 561 (trojan.rules) 2822555 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822556 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822557 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822558 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) [+++] Modify rules: 68 [+++] 2011865 - ProApps WEB_CLIENT Embedded Executable File in PDF - This Program Cannot Be Run in DOS Mode (web_client.rules) 2014726 - ProApps POLICY Outdated Windows Flash Version IE (policy.rules) 2018080 - ProApps TROJAN Suspicious Request for Pdf.exe Observed in Zeus/Luminosity Link (trojan.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2807968 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.a Checkin (mobile_malware.rules) [+++] Removed rules: 2 [+++] 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2822519 - ProApps TROJAN Linux.Mirai Login Attempt (xc3511) (trojan.rules) [***] ProApps Security IDS Rules Changelog started Mon Oct 10 18:26:33 2016 [***] [+++] Added rules: 34 [+++] 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules) 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules) 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules) 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules) 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules) 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules) 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules) 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules) 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules) 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules) 2822503 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Oct 09 (current_events.rules) 2822504 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Oct 07 2016 (current_events.rules) 2822505 - ProApps CURRENT_EVENTS Successful Bank of America Phish Oct 07 M1 (current_events.rules) 2822506 - ProApps CURRENT_EVENTS Successful Bank of America Phish Oct 07 M2 (current_events.rules) 2822507 - ProApps CURRENT_EVENTS Successful Bank of America Phish Oct 07 M3 (current_events.rules) 2822508 - ProApps TROJAN NanoCore RAT CnC 20 (trojan.rules) 2822509 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822510 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822511 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822512 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822513 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822514 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822515 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822516 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822517 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822518 - ProApps TROJAN PoisonIvy Keepalive to CnC 559 (trojan.rules) 2822519 - ProApps TROJAN Linux.Mirai Login Attempt (xc3511) (trojan.rules) 2822520 - ProApps TROJAN Vulnerable HTTP Server Version (Linux.Mirai) (trojan.rules) 2822521 - ProApps TROJAN Malicious SSL Certificate Detected (Linux.Rex Scanner) (trojan.rules) 2822522 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Oct 10 2016 (current_events.rules) 2822523 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Oct 10 2016 (current_events.rules) 2822524 - ProApps CURRENT_EVENTS Successful TNT/Fedex Shipping Phish Oct 10 2016 (current_events.rules) 2822525 - ProApps CURRENT_EVENTS Successful Hotmail Phish Oct 10 2016 (current_events.rules) 2822526 - ProApps TROJAN Quant Loader Download Request 2 (trojan.rules) [+++] Modify rules: 92 [+++] 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules) 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules) 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules) 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules) 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules) 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules) 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules) 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules) 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules) 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules) 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules) 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules) 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules) 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules) 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules) 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules) 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules) 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules) 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules) 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules) 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules) 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules) 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules) 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules) 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules) 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules) 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules) 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules) 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules) 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules) 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules) 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules) 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules) 2400033 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 34 (drop.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2819804 - ProApps TROJAN Win32/CoreBot Retrieving PE (trojan.rules) 2821569 - ProApps TROJAN Locky CnC checkin Aug 03 2016 M2 (trojan.rules) 2822393 - ProApps TROJAN MSIL/Pony Stealer Variant CnC Checkin (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Fri Oct 7 18:23:58 2016 [***] [+++] Added rules: 38 [+++] 2023327 - ProApps TROJAN ABUSE.CH TorrenLocker Payment Domain Detected (trojan.rules) 2023328 - ProApps TROJAN ABUSE.CH TorrenLocker Payment Domain Detected (trojan.rules) 2023329 - ProApps TROJAN ABUSE.CH Locky Payment Domain Detected (trojan.rules) 2023330 - ProApps TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2023331 - ProApps TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2023332 - ProApps TROJAN CryptoWall/TeslaCrypt Payment Domain (trojan.rules) 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules) 2822472 - ProApps MOBILE_MALWARE Android.Adware.Airpush.3D9C Checkin (mobile_malware.rules) 2822473 - ProApps TROJAN Ransomware Locky CnC Beacon Oct 3 (trojan.rules) 2822474 - ProApps TROJAN CoinMiner Known Malicious Stratum Authline (2016-10-07 1) (trojan.rules) 2822475 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (Y3Zja2N2Y0B5YW5kZXgucnVfdjo3Nzc=) (trojan.rules) 2822476 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M1 (current_events.rules) 2822477 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M2 (current_events.rules) 2822478 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M3 (current_events.rules) 2822479 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M4 (current_events.rules) 2822480 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M5 (current_events.rules) 2822481 - ProApps CURRENT_EVENTS Bizarro SunDown EK Landing Oct 07 2016 M6 (current_events.rules) 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules) 2822483 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Oct 07 2016 (current_events.rules) 2822484 - ProApps TROJAN Kostya Ransomware CnC Checkin (trojan.rules) 2822485 - ProApps TROJAN Automated Tor EXE Download, Possibly Raum Trojan (trojan.rules) 2822486 - ProApps TROJAN W32.Raum Checkin (trojan.rules) 2822487 - ProApps TROJAN W32.Raum Update Config HTTP Request (trojan.rules) 2822488 - ProApps TROJAN W32.Raum Update Config HTTP Request (trojan.rules) 2822489 - ProApps CURRENT_EVENTS Successful Supplier Portal Phish Oct 07 2016 (current_events.rules) 2822490 - ProApps CURRENT_EVENTS Successful DHL Phish Oct 07 2016 (current_events.rules) 2822491 - ProApps CURRENT_EVENTS Successful Cpanel Phish Oct 07 2016 (current_events.rules) 2822492 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Oct 07 2016 (current_events.rules) 2822493 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Oct 07 2016 (current_events.rules) 2822494 - ProApps CURRENT_EVENTS Successful Apple Phish (FR) M1 Oct 07 2016 (current_events.rules) 2822495 - ProApps CURRENT_EVENTS Successful Apple Phish (FR) M2 Oct 07 2016 (current_events.rules) 2822496 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish M2 Oct 07 2016 (current_events.rules) 2822497 - ProApps CURRENT_EVENTS Successful BT Phish Oct 07 2016 (current_events.rules) 2822498 - ProApps CURRENT_EVENTS Successful Chase Phish Oct 07 2016 (current_events.rules) 2822499 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Oct 07 2016 (current_events.rules) 2822500 - ProApps TROJAN APT28 Stage1 Uploader DNS Lookup (trojan.rules) 2822501 - ProApps TROJAN APT28 Stage1 Uploader DNS Lookup (trojan.rules) 2822502 - ProApps TROJAN APT28 Stage1 Uploader SSL Cert (trojan.rules) [+++] Modify rules: 55 [+++] 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2821569 - ProApps TROJAN Locky CnC checkin Aug 03 2016 M2 (trojan.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Thu Oct 6 18:12:36 2016 [***] [+++] Added rules: 44 [+++] 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules) 2822429 - ProApps MOBILE_MALWARE Trojan.AndroidOS.Triada.bw Checkin (mobile_malware.rules) 2822430 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules) 2822431 - ProApps CURRENT_EVENTS Successful Facebook Phish Oct 06 2016 (current_events.rules) 2822432 - ProApps CURRENT_EVENTS Successful Barclays Phish M1 Oct 06 2016 (current_events.rules) 2822433 - ProApps CURRENT_EVENTS Successful Barclays Phish M2 Oct 06 2016 (current_events.rules) 2822434 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 06 2016 (current_events.rules) 2822435 - ProApps CURRENT_EVENTS Successful Phish Phish M2 Oct 06 2016 (current_events.rules) 2822436 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Oct 06 2016 (current_events.rules) 2822437 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Oct 06 2016 (current_events.rules) 2822438 - ProApps TROJAN PoisonIvy Keepalive to CnC 555 (trojan.rules) 2822439 - ProApps TROJAN PoisonIvy Keepalive to CnC 556 (trojan.rules) 2822440 - ProApps TROJAN PoisonIvy Keepalive to CnC 557 (trojan.rules) 2822441 - ProApps TROJAN PoisonIvy Keepalive to CnC 558 (trojan.rules) 2822442 - ProApps CURRENT_EVENTS Multibank Phishing Redirect/Landing (NL) M1 Oct 06 2016 (current_events.rules) 2822443 - ProApps CURRENT_EVENTS SNS Bank Phishing Redirect/Landing (NL) M1 Oct 06 2016 (current_events.rules) 2822444 - ProApps CURRENT_EVENTS SNS Bank Phishing Redirect/Landing (NL) M2 Oct 06 2016 (current_events.rules) 2822445 - ProApps CURRENT_EVENTS ASN/Regio Bank Phishing Redirect/Landing (NL) M1 Oct 06 2016 (current_events.rules) 2822446 - ProApps CURRENT_EVENTS ASN/Regio Bank Phishing Redirect/Landing (NL) M2 Oct 06 2016 (current_events.rules) 2822447 - ProApps CURRENT_EVENTS Multibank Phishing Redirect/Landing (NL) M2 Oct 06 2016 (current_events.rules) 2822448 - ProApps CURRENT_EVENTS Successful Multibank Phish (NL) M1 Oct 05 2016 (current_events.rules) 2822449 - ProApps CURRENT_EVENTS Successful Multibank Phish (NL) M2 Oct 05 2016 (current_events.rules) 2822450 - ProApps CURRENT_EVENTS Successful Multibank Phish (NL) M3 Oct 05 2016 (current_events.rules) 2822451 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Keitaro Oct 02 2016 (current_events.rules) 2822452 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Keitaro Oct 06 2016 (current_events.rules) 2822453 - ProApps MOBILE_MALWARE AdWare.AndroidOS.Lirose.a Checkin (mobile_malware.rules) 2822454 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822455 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822456 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822457 - ProApps TROJAN W32.Palibu Banker Checkin (trojan.rules) 2822458 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phishing Oct 06 2016 (current_events.rules) 2822459 - ProApps CURRENT_EVENTS Successful Dynamic Folder FreeMobile (FR) Phishing Oct 07 2016 (current_events.rules) 2822460 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M1 Oct 06 2016 (current_events.rules) 2822461 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M2 Oct 06 2016 (current_events.rules) 2822462 - ProApps CURRENT_EVENTS Successful FreeMobile (FR) Phish M3 Oct 06 2016 (current_events.rules) 2822463 - ProApps CURRENT_EVENTS Dynamic Folder Phishing Redirect Oct 06 2016 (current_events.rules) 2822464 - ProApps CURRENT_EVENTS Successful Orange (FR) Phish Oct 06 2016 (current_events.rules) 2822465 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 06 2016 (current_events.rules) 2822466 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules) 2822467 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Oct 06 2016 (current_events.rules) 2822468 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Oct 06 2016 (current_events.rules) 2822469 - ProApps CURRENT_EVENTS Successful HM Revenue Phish Oct 06 2016 (current_events.rules) 2822470 - ProApps CURRENT_EVENTS Successful Impots.gouv.fr Phish Oct 06 2016 (current_events.rules) 2822471 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 06 2016 (current_events.rules) [+++] Modify rules: 57 [+++] 2011341 - ProApps TROJAN Suspicious POST With Reference to WINDOWS Folder Possible Malware Infection (trojan.rules) 2018598 - ProApps TROJAN Citadel Checkin (trojan.rules) 2023270 - ProApps CURRENT_EVENTS SunDown EK Flash Exploit Sep 22 2016 (current_events.rules) 2023312 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK (EITest Inject) Oct 03 2016 (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) [+++] Removed rules: 51 [+++] 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2016 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 28666 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Wed Oct 5 17:17:09 2016 [***] [+++] Added rules: 51 [+++] 2023318 - ProApps CURRENT_EVENTS Nemucod Downloader Oct 04 (current_events.rules) 2023319 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023320 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023321 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023322 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023323 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023324 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023325 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2023326 - ProApps TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Gozi MITM) (trojan.rules) 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules) 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules) 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules) 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules) 2822391 - ProApps TROJAN Ursnif VNC Module CnC Beacon (trojan.rules) 2822392 - ProApps MALWARE Win32/Xiazai Checkin (malware.rules) 2822393 - ProApps TROJAN MSIL/Pony Stealer Variant CnC Checkin (trojan.rules) 2822394 - ProApps TROJAN MSIL/UBN CP Downloader Requesting Payload (trojan.rules) 2822395 - ProApps TROJAN MSIL/UBN CP Payload EXE Inbound (trojan.rules) 2822396 - ProApps TROJAN MSIL/UBN CP CnC Checkin (trojan.rules) 2822397 - ProApps TROJAN Zbot!CI .onion Proxy Domain (trojan.rules) 2822398 - ProApps CURRENT_EVENTS Successful Adobe Personalized Phish Oct 04 2016 (current_events.rules) 2822399 - ProApps CURRENT_EVENTS Successful Personalized Webmail Phish Oct 04 2016 (current_events.rules) 2822400 - ProApps CURRENT_EVENTS Successful OWA Phish Oct 04 2016 (current_events.rules) 2822401 - ProApps CURRENT_EVENTS Successful Apple Global Service Exchange Phish Oct 04 2016 (current_events.rules) 2822402 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 04 2016 (current_events.rules) 2822403 - ProApps CURRENT_EVENTS Successful Yadkin Bank Phish Oct 04 2016 (current_events.rules) 2822404 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.p DNS Lookup (mobile_malware.rules) 2822405 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822406 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822407 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822408 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822409 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822410 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822411 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822412 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules) 2822413 - ProApps TROJAN NanoCore RAT CnC 20 (trojan.rules) 2822414 - ProApps TROJAN Zloader Malicious SSL Cert Observed (trojan.rules) 2822415 - ProApps CURRENT_EVENTS Successful Adobe PDF Online Phish Oct 05 2016 (current_events.rules) 2822416 - ProApps CURRENT_EVENTS Successful Gumtree Phish M1 Oct 05 2016 (current_events.rules) 2822417 - ProApps CURRENT_EVENTS Successful Gumtree Phish M2 Oct 05 2016 (current_events.rules) 2822418 - ProApps CURRENT_EVENTS Successful Amazon Phish M1 Oct 05 2016 (current_events.rules) 2822419 - ProApps CURRENT_EVENTS Successful Amazon Phish M2 Oct 05 2016 (current_events.rules) 2822420 - ProApps CURRENT_EVENTS Successful Wells Fargo Phish Oct 05 2016 (current_events.rules) 2822421 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 05 2016 (current_events.rules) 2822422 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Oct 05 2016 (current_events.rules) 2822423 - ProApps CURRENT_EVENTS Successful Paypal Phish M3 Oct 05 2016 (current_events.rules) 2822424 - ProApps CURRENT_EVENTS Successful Excel Online Phish Oct 05 2016 (current_events.rules) 2822425 - ProApps CURRENT_EVENTS Successful View Invoice Phish M1 Oct 05 2016 (current_events.rules) 2822426 - ProApps CURRENT_EVENTS Successful View Invoice Phish M2 Oct 05 2016 (current_events.rules) 2822427 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Oversa.a Checkin (mobile_malware.rules) 2822428 - ProApps CURRENT_EVENTS SunDown EK Flash Exploit Artifact Oct 05 2016 (current_events.rules) [+++] Modify rules: 106 [+++] 2023270 - ProApps CURRENT_EVENTS SunDown EK Flash Exploit Sep 22 2016 (current_events.rules) 2023317 - ProApps EXPLOIT BIND9 msg->reserved Assertion DoS Packet Inbound (CVE-2016-2776) (exploit.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2016 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 28666 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2815254 - ProApps CURRENT_EVENTS Possible Neutrino EK Payload Dec 06 2015 M2 (current_events.rules) 2820983 - ProApps TROJAN XXMM2 CnC Beacon (trojan.rules) 2820987 - ProApps CURRENT_EVENTS Sundown/Xer EK Landing Jul 06 2016 M1 (current_events.rules) 2822347 - ProApps CURRENT_EVENTS Successful Adobe Shared Document Phish Oct 3 2016 (current_events.rules) [+++] Removed rules: 0 [+++] [***] ProApps Security IDS Rules Changelog started Tue Oct 4 18:50:08 2016 [***] [+++] Added rules: 15 [+++] 2023317 - ProApps EXPLOIT BIND9 msg->reserved Assertion DoS Packet Inbound (CVE-2016-2776) (exploit.rules) 2822376 - ProApps CURRENT_EVENTS Successful Apple ID Phish M1 Oct 04 2016 (current_events.rules) 2822377 - ProApps CURRENT_EVENTS Successful Apple ID Phish M2 Oct 04 2016 (current_events.rules) 2822378 - ProApps CURRENT_EVENTS Successful Paypal (DE) Phish Oct 04 2016 (current_events.rules) 2822379 - ProApps CURRENT_EVENTS Successful Amazon Phish Oct 04 2016 (current_events.rules) 2822380 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 04 2016 (current_events.rules) 2822381 - ProApps CURRENT_EVENTS Paypal Phishing Landing (DE) Oct 04 2016 (current_events.rules) 2822382 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822383 - ProApps TROJAN APT28 XAgent DNS Lookup (trojan.rules) 2822384 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Oct 04 2016 (fbset) (current_events.rules) 2822385 - ProApps CURRENT_EVENTS Possible Evil Redirector Leading to EK Oct 04 2016 (BossTDS) M1 (current_events.rules) 2822386 - ProApps CURRENT_EVENTS Possible Evil Redirector Leading to EK Oct 04 2016 (BossTDS) M2 (current_events.rules) 2822387 - ProApps CURRENT_EVENTS Possible Evil Redirector Leading to EK Oct 04 2016 (BossTDS) M3 (current_events.rules) 2822388 - ProApps TROJAN MSIL/HadesLocker Ransomware Checkin (trojan.rules) 2822390 - ProApps TROJAN W32.Unknown CnC SSL Cert (trojan.rules) [+++] Modify rules: 53 [+++] 2007695 - ProApps POLICY Windows 98 User-Agent Detected - Possible Malware or Non-Updated System (policy.rules) 2022962 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Jul 12 2016 (current_events.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1863 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2016 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 28666 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [+++] Removed rules: 1 [+++] 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) [***] ProApps Security IDS Rules Changelog started Tue Oct 4 15:43:18 2016 [***] [+++] Added rules: 18 [+++] 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules) 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules) 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules) 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules) 2822362 - ProApps TROJAN Unknown PowerShell Fake Google SSL Cert (trojan.rules) 2822363 - ProApps TROJAN Win32/Agent.XWB CnC Beacon (trojan.rules) 2822364 - ProApps CURRENT_EVENTS Unknown MalDoc Requesting Remote Template M2 (current_events.rules) 2822365 - ProApps CURRENT_EVENTS Phishing Landing via urest.org (set) Oct 03 (current_events.rules) 2822366 - ProApps CURRENT_EVENTS Phishing Landing via urest.org Oct 03 M1 (current_events.rules) 2822367 - ProApps CURRENT_EVENTS Phishing Landing via urest.org Oct 03 M2 (current_events.rules) 2822368 - ProApps CURRENT_EVENTS Suspicious Byethost Phishing Redirect Oct 04 2016 (current_events.rules) 2822369 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 04 2016 (current_events.rules) 2822370 - ProApps CURRENT_EVENTS Successful Match.com Phish Oct 04 2016 (current_events.rules) 2822371 - ProApps CURRENT_EVENTS Successful Personalized OWA Webmail Phish Oct 04 2016 (current_events.rules) 2822372 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Oct 04 2016 (current_events.rules) 2822373 - ProApps CURRENT_EVENTS Successful Generic OWA Phish Oct 04 2016 (current_events.rules) 2822374 - ProApps CURRENT_EVENTS Successful WeTransfer Phish Oct 04 2016 (current_events.rules) 2822375 - ProApps CURRENT_EVENTS Successful NorisBank Phish Oct 04 2016 (current_events.rules) [+++] Modify rules: 103 [+++] 2022650 - ProApps CURRENT_EVENTS W32/Dridex Binary Download Mar 23 2016 (current_events.rules) 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules) 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules) 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules) 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules) 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules) 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules) 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules) 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules) 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules) 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules) 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules) 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules) 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules) 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules) 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules) 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules) 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules) 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules) 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules) 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules) 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules) 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules) 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules) 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules) 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules) 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules) 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules) 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules) 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules) 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules) 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules) 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules) 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules) 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules) 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules) 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules) 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules) 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules) 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules) 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules) 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules) 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules) 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules) 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules) 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules) 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules) 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules) 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules) 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules) 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules) 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules) 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules) 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1887 Group 1 (botcc.portgrouped.rules) 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2016 Group 1 (botcc.portgrouped.rules) 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules) 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules) 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules) 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules) 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules) 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules) 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules) 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules) 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 5498 Group 1 (botcc.portgrouped.rules) 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules) 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules) 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules) 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules) 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules) 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules) 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules) 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules) 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules) 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules) 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules) 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules) 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules) 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules) 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules) 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules) 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules) 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules) 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules) 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules) 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules) 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules) 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules) 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules) 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules) 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules) 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules) 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules) 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules) 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules) 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 15000 Group 1 (botcc.portgrouped.rules) 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules) 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 28666 Group 1 (botcc.portgrouped.rules) 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules) 2816165 - ProApps TROJAN Win32/Neutrino checkin 4 (trojan.rules) 2820920 - ProApps INFO Data Submitted to ukit domain - Possible Phishing M1 (info.rules) 2820921 - ProApps INFO Data Submitted to ukit domain - Possible Phishing M2 (info.rules) 2822289 - ProApps CURRENT_EVENTS Unknown MalDoc Requesting Remote Template M1 (current_events.rules) 2822354 - ProApps INFO DNS Query to server.com (Possible Misconfiguration) (info.rules) [+++] Removed rules: 0 [+++] Read more » | |