ET EXPLOIT_KIT Turla/SPL EK Java Exploit Requested - /spl/ - Suricata Rule 2018925 (et/open)

ET EXPLOIT_KIT Turla/SPL EK Java Exploit Requested - /spl/

SID: 2018925Rev: 60 viewsHistory

Sourceet/open

CreatedAugust 12, 2014

UpdatedFebruary 23, 2024

Classificationtargeted-activity

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Turla/SPL EK Java Exploit Requested - /spl/"; flow:established,to_server; http.uri; content:"/spl/"; fast_pattern; content:".jar"; http.user_agent; content:"Java/"; reference:url,securelist.com/analysis/publications/65545/the-epic-turla-operation/; classtype:targeted-activity; sid:2018925; rev:6; metadata:created_at 2014_08_12, confidence High, signature_severity Major, updated_at 2024_02_23;)

References

url	securelist.com/analysis/publications/65545/the-epic-turla-operation/

Metadata

created at2014_08_12

confidenceHigh

signature severityMajor

updated at2024_02_23

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!