ET PHISHING Possible Phish with cazanova= Cookie

SID: 2038495Rev: 30 views
History
Sourceet/open
CreatedAugust 11, 2022
UpdatedSeptember 1, 2022
Classificationcredential-theft
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET PHISHING Possible Phish with cazanova= Cookie"; flow:established,to_server; http.cookie; content:"cazanova="; nocase; startswith; reference:url,github.com/phish-report/IOK; classtype:credential-theft; sid:2038495; rev:3; metadata:attack_target Client_Endpoint, created_at 2022_08_11, deployment Perimeter, confidence Medium, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2022_09_01;)

References

urlgithub.com/phish-report/IOK

Metadata

attack targetClient_Endpoint
created at2022_08_11
deploymentPerimeter
confidenceMedium
signature severityInformational
tagDescription_Generated_By_Proofpoint_Nexus
updated at2022_09_01

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!