ET PHISHING Possible Successful Phish - Generic POST to myform.php Feb 01 2013 - Suricata Rule 2016327 (et/open)

ET PHISHING Possible Successful Phish - Generic POST to myform.php Feb 01 2013

SID: 2016327Rev: 40 viewsHistory

Sourceet/open

CreatedFebruary 1, 2013

UpdatedAugust 13, 2020

Classificationcredential-theft

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET PHISHING Possible Successful Phish - Generic POST to myform.php Feb 01 2013"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/myform.php"; classtype:credential-theft; sid:2016327; rev:4; metadata:attack_target Client_Endpoint, created_at 2013_02_01, deployment Perimeter, confidence Medium, signature_severity Critical, tag Phishing, updated_at 2020_08_13, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1566, mitre_technique_name Phishing;)

Metadata

attack targetClient_Endpoint

created at2013_02_01

deploymentPerimeter

confidenceMedium

signature severityCritical

tagPhishing

updated at2020_08_13

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1566

mitre technique namePhishing

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!