IPS Signature Database Update

Name: ips.sig
Version: 2.1.604
StoneOS: StoneOS 5.0R4F3.1 or above
Release Date: 2025-04-28

New Signature (105)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 105453 | Trojan Activity: Group 21 CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information |
| 105424 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above | click for more information |
| 338812 | NetEase QAnything SQL Injection Vulnerability (CVE-2024-7099 CVE-2024-25722) | 5.5R5 or above | click for more information |
| 105418 | Ransomware Activity: TrumpLocker/VenusLocker .onion Proxy Domain | 5.5R5 or above | click for more information |
| 332657 | Trojan Activity: Observed Godlua Backdoor Domain | 5.5R5 or above | click for more information |
| 332612 | Ransomware Activity: Ransomware Locky CnC Beacon | 5.5R5 or above | click for more information |
| 105396 | Ransomware Activity: Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju) | 5.5R5 or above | click for more information |
| 338818 | Ray Path Traversal Vulnerability (CVE-2023-6021) | 5.0R4 or above | click for more information |
| 332633 | Trojan Activity: MALWARE Win32/Adware.Bang5mai.BB CnC Activity M2 | 5.5R5 or above | click for more information |
| 105401 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
| 105390 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above | click for more information |
| 105448 | Trojan Activity: Plurox CnC Domain in DNS Lookup | 5.5R5 or above | click for more information |
| 105427 | Trojan Activity: Magecart CnC Domain Observed in DNS Query | 5.5R5 or above | click for more information |
| 332605 | Trojan Activity: StealerNeko CnC Checkin | 5.5R5 or above | click for more information |
| 105408 | Ransomware Activity: Xbash CnC DNS Lookup | 5.5R5 or above | click for more information |
| 338811 | NetEase QAnything SQL Injection Vulnerability (CVE-2024-7099) | 5.5R5 or above | click for more information |
| 332622 | Trojan Activity: Win32/ViSystem CnC Checkin | 5.5R5 or above | click for more information |
| 805934 | Trojan Activity: ELF/Roboto - Communicating with Hardcoded Peer 5 | 5.5R5 or above | click for more information |
| 332611 | Ransomware Activity: PWS.Win32/Reveton.A Checkin | 5.5R5 or above | click for more information |
| 105399 | Ransomware Activity: ABUSE.CH Domain Detected (Locky C2) | 5.5R5 or above | click for more information |

......

Updated Signature (3)

| Rule ID | Rule Name | StoneOS | Detail |
|---|---|---|---|
| 338784 | KUBERNETES INGRESS-NGINX Remote Command Execution Vulnerability (CVE-2025-1974) | 5.5R5 or above | Click here for more information |
| 337935 | Yonyou Chanjet T+ Ufida.T.DI.UIP.RRA.RRATableController Deserialization Vulnerability | 5.5R5 or above | Click here for more information |
| 338787 | Wangkang NS-ASG API index.php Remote Command Execution Vulnerability | 5.5R5 or above | Click here for more information |