IPS Signature Database Update

Name: ips.sig
Version: 2.1.600
StoneOS: StoneOS 5.0R4F3.1 or above
Release Date: 2025-03-31
New Signature (107)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 332614 | Ransomware Activity: Locky Intermediate Downloader | 5.5R5 or above | click for more information |
| 105453 | Trojan Activity: Group 21 CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information |
| 105424 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above | click for more information |
| 105418 | Ransomware Activity: TrumpLocker/VenusLocker .onion Proxy Domain | 5.5R5 or above | click for more information |
| 332657 | Trojan Activity: Observed Godlua Backdoor Domain | 5.5R5 or above | click for more information |
| 332612 | Ransomware Activity: Ransomware Locky CnC Beacon | 5.5R5 or above | click for more information |
| 105396 | Ransomware Activity: Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju) | 5.5R5 or above | click for more information |
| 332633 | Trojan Activity: MALWARE Win32/Adware.Bang5mai.BB CnC Activity M2 | 5.5R5 or above | click for more information |
| 105401 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 105390 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above | click for more information |
| 105448 | Trojan Activity: Plurox CnC Domain in DNS Lookup | 5.5R5 or above | click for more information |
| 105427 | Trojan Activity: Magecart CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information |
| 332605 | Trojan Activity: StealerNeko CnC Checkin | 5.5R5 or above | click for more information |
| 105408 | Ransomware Activity: Xbash CnC DNS Lookup | 5.5R5 or above | click for more information |
| 332622 | Trojan Activity: Win32/ViSystem CnC Checkin | 5.5R5 or above | click for more information |
| 805934 | Trojan Activity: ELF/Roboto - Communicating with Hardcoded Peer 5 | 5.5R5 or above | click for more information |
| 332611 | Ransomware Activity: PWS.Win32/Reveton.A Checkin | 5.5R5 or above | click for more information |
| 105399 | Ransomware Activity: ABUSE.CH Domain Detected (Locky C2) | 5.5R5 or above | click for more information |
| 332628 | Trojan Activity: Malicious SSL Cert (Magecart) | 5.5R5 or above | click for more information |
| 105457 | Trojan Activity: APT DarkHydrus DNS Lookup 15 | 5.5R5 or above | click for more information |
......
Updated Signature (4)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 505884 | Roundcube Webmail rcube_washtml.php Cross-Site Scripting Vulnerability (CVE-2023-5631) | 5.5R5 or above | Click here for more information |
| 330010 | SQL Server Reporting Services (SSRS) ViewState Deserialization Vulnerability (CVE-2020-0618) | 5.5R5 or above | Click here for more information |
| 338683 | Sangfor NGAF loadfile.php Arbitrary File Read Vulnerability | 5.0R4 or above | Click here for more information |
| 323946 | Nostromo nhttpd http_verify Directory Traversal Vulnerability (CVE-2019-16278) | 5.5R5 or above | Click here for more information |