Netography Detection Model Release – February 27, 2023


The Netography Threat Research Team has released its latest detections:

The team creates Netography Detection Models (NDMs) to detect botnets, malware, P2P, data exfiltration, ransomware, phishing, SPAM, DDoS activity and more. These powerful threat and network configuration detection models are included at no additional charge and are continuously refined, with new NDMs being added frequently as threats evolve. There are no packages to download, and no updates to push. All models are completely open, customizable, and transparent to your analysts.  

Netography Detection Model Updates:

non_service_port_scanner – This DM detects attempts to scan for services internal to the customer network that are on ephemeral ports. This DM is disabled by default.

azure_registered_open_ports – This DM detects external connections to internal Azure services being allowed through the Azure firewall. Results of this DM should be audited to review if external connections to Azure services should be allowed. This DM is disabled by default as it can be quite noisy.

cve-2018-0171_port_scan_internal – This DM detects scanning attempts, internal to the customer’s network, for the “Smart Install” vulnerability (CVE-2018-0171). This DM is enabled by default.

cve-2018-0171_port_scan_inbound – This DM detects scanning attempts, from external to the customer’s network, for the “Smart Install” vulnerability (CVE-2018-0171). This DM is enabled by default.

cve-2022-20821_port_scan_internal – This DM detects scanning attempts, internal to the customer’s network, for CVE-2022-20821, a vulnerability found in Cisco IOS XR Software. This DM is enabled by default.

cve-2022-20821_port_scan_inbound – This DM detects scanning attempts, from external to the customer’s network, for CVE-2022-20821, a vulnerability found in Cisco IOS XR Software. This DM is enabled by default.
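To show how the internal and inbound variants of the CVE scan detections differ, here is an added example (not Netography's NDM logic or syntax) that applies the same idea to flow records. It assumes TCP 4786 for Smart Install and TCP 6379 for the IOS XR issue per Cisco's advisories, RFC 1918 space as "internal", and a hypothetical threshold of three distinct targets.

```python
import ipaddress
from collections import defaultdict

# Assumptions (not from the release note): ports per Cisco's advisories,
# RFC 1918 ranges as "internal", and a distinct-target threshold of 3.
CVE_PORTS = {4786: "cve-2018-0171", 6379: "cve-2022-20821"}
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MIN_TARGETS = 3


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)


def detect_port_scans(flows, min_targets=MIN_TARGETS):
    """Return {(model_name, src): sorted targets} for sources that probe a
    CVE-associated TCP port on at least min_targets internal hosts."""
    targets = defaultdict(set)
    for f in flows:
        cve = CVE_PORTS.get(f["dport"])
        # Only TCP flows toward internal hosts on a watched port are relevant.
        if f["proto"] != "tcp" or cve is None or not is_internal(f["dst"]):
            continue
        # The source address decides which variant of the model fires.
        direction = "internal" if is_internal(f["src"]) else "inbound"
        targets[(f"{cve}_port_scan_{direction}", f["src"])].add(f["dst"])
    return {k: sorted(v) for k, v in targets.items() if len(v) >= min_targets}


# Constructed sample flows (documentation and private address ranges).
SAMPLE_FLOWS = (
    [{"src": "203.0.113.7", "dst": f"10.0.1.{i}", "proto": "tcp", "dport": 4786}
     for i in range(1, 5)]                      # external source, 4 targets
    + [{"src": "10.0.9.20", "dst": f"10.0.2.{i}", "proto": "tcp", "dport": 6379}
       for i in range(1, 4)]                    # internal source, 3 targets
    + [{"src": "10.0.9.21", "dst": "10.0.2.1", "proto": "tcp", "dport": 6379}]
                                                # one target: below threshold
    + [{"src": "198.51.100.4", "dst": f"10.0.3.{i}", "proto": "udp", "dport": 4786}
       for i in range(1, 5)]                    # UDP: ignored
)

if __name__ == "__main__":
    for (model, src), dsts in detect_port_scans(SAMPLE_FLOWS).items():
        print(model, src, len(dsts))
```

The distinct-target threshold is what separates a scan from a single legitimate client; tune it against known management hosts before alerting on the results.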

The Netography Threat Research Team constantly updates and improves our detection capabilities, seamlessly integrating them into the Netography Fusion® platform, so our customers can write once, then detect everywhere.

The post Netography Detection Model Release – February 27, 2023 appeared first on Netography.

*** This is a Security Bloggers Network syndicated blog from Netography authored by Netography Threat Research Team. Read the original post at: https://netography.com/netography-detection-model-release-february-27-2023/