Talos Rules 2020-10-29
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the browser-chrome, browser-ie, browser-plugins, exploit-kit, file-executable, file-flash, file-image, file-java, file-multimedia, file-office, file-other, file-pdf, indicator-compromise, malware-backdoor, malware-cnc, malware-other, os-linux, os-windows, policy-other, pua-other, server-apache and server-webapp rule sets to provide coverage for emerging threats from these technologies.

Change logs

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:

 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)

Modified Rules:

 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel  out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt  (file-office.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt  (file-office.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)

Modified Rules:


 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (snort3-malware-other.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (snort3-malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (snort3-malware-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (snort3-file-office.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (snort3-file-office.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (snort3-server-webapp.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (snort3-malware-other.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (snort3-malware-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (snort3-malware-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (snort3-server-other.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (snort3-server-webapp.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (snort3-malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (snort3-malware-other.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (snort3-server-other.rules)
 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (snort3-server-webapp.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (snort3-malware-other.rules)

Modified Rules:


 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (snort3-file-flash.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (snort3-file-office.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (snort3-file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (snort3-file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (snort3-file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (snort3-file-flash.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (snort3-malware-cnc.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (snort3-file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (snort3-file-flash.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (snort3-file-office.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (snort3-file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (snort3-browser-ie.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (snort3-file-flash.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (snort3-file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (snort3-file-flash.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (snort3-browser-ie.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (snort3-file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (snort3-file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (snort3-file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (snort3-file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (snort3-file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (snort3-file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (snort3-file-flash.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (snort3-file-pdf.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (snort3-file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (snort3-file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (snort3-file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (snort3-file-flash.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (snort3-file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (snort3-file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (snort3-file-pdf.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (snort3-file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (snort3-file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (snort3-file-flash.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (snort3-file-flash.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (snort3-server-webapp.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (snort3-file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (snort3-file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (snort3-file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (snort3-file-flash.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (snort3-malware-backdoor.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (snort3-file-flash.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (snort3-file-other.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (snort3-file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (snort3-file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (snort3-file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (snort3-exploit-kit.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (snort3-file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (snort3-file-office.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (snort3-file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (snort3-file-flash.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (snort3-file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (snort3-file-flash.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (snort3-file-flash.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (snort3-file-office.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (snort3-server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (snort3-browser-ie.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (snort3-file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (snort3-browser-ie.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (snort3-file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (snort3-file-flash.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (snort3-file-office.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (snort3-file-flash.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (snort3-file-flash.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (snort3-file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (snort3-file-flash.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (snort3-file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (snort3-file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (snort3-file-pdf.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (snort3-file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (snort3-file-pdf.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (snort3-file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (snort3-file-flash.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (snort3-file-pdf.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (snort3-file-flash.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (snort3-file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (snort3-file-pdf.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (snort3-file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (snort3-file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (snort3-file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (snort3-file-flash.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (snort3-file-flash.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (snort3-file-other.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (snort3-file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (snort3-file-pdf.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (snort3-file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (snort3-file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (snort3-file-flash.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (snort3-file-pdf.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (snort3-file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (snort3-file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (snort3-server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (snort3-file-other.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (snort3-file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (snort3-browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (snort3-file-office.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (snort3-file-flash.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (snort3-file-pdf.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (snort3-file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (snort3-file-flash.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (snort3-file-office.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (snort3-os-windows.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (snort3-file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (snort3-malware-cnc.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (snort3-os-linux.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (snort3-os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (snort3-indicator-compromise.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (snort3-file-pdf.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (snort3-file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (snort3-file-office.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (snort3-os-linux.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (snort3-file-flash.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (snort3-browser-plugins.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (snort3-os-windows.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (snort3-file-office.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (snort3-malware-cnc.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (snort3-server-webapp.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (snort3-malware-cnc.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (snort3-browser-ie.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (snort3-malware-other.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (snort3-malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (snort3-file-java.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (snort3-file-pdf.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (snort3-malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (snort3-pua-other.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (snort3-server-webapp.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (snort3-file-image.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (snort3-malware-cnc.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (snort3-exploit-kit.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (snort3-malware-cnc.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (snort3-browser-ie.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (snort3-file-flash.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (snort3-malware-cnc.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (snort3-file-office.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (snort3-file-pdf.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (snort3-malware-cnc.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (snort3-exploit-kit.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (snort3-os-windows.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (snort3-file-pdf.rules)
 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (snort3-malware-cnc.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (snort3-malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (snort3-file-pdf.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (snort3-file-flash.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (snort3-file-office.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (snort3-malware-cnc.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (snort3-file-office.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (snort3-browser-ie.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (snort3-malware-backdoor.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (snort3-malware-cnc.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (snort3-server-webapp.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (snort3-malware-cnc.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (snort3-malware-cnc.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (snort3-malware-cnc.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (snort3-file-flash.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (snort3-malware-cnc.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (snort3-file-flash.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (snort3-pua-other.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (snort3-file-office.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (snort3-pua-other.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (snort3-os-windows.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (snort3-malware-cnc.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (snort3-browser-ie.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (snort3-malware-cnc.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (snort3-file-image.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (snort3-file-office.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (snort3-malware-cnc.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (snort3-file-office.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (snort3-malware-cnc.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (snort3-malware-cnc.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (snort3-file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (snort3-file-flash.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (snort3-malware-cnc.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (snort3-browser-plugins.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (snort3-file-office.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (snort3-file-office.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (snort3-malware-cnc.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (snort3-file-flash.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (snort3-malware-cnc.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (snort3-server-webapp.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (snort3-file-pdf.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (snort3-malware-other.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (snort3-file-other.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (snort3-browser-ie.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (snort3-file-office.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (snort3-malware-cnc.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (snort3-file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (snort3-file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (snort3-os-windows.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (snort3-server-apache.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (snort3-file-office.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (snort3-file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (snort3-file-flash.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (snort3-file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (snort3-file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (snort3-file-flash.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (snort3-file-office.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (snort3-file-flash.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (snort3-file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (snort3-file-flash.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (snort3-file-office.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (snort3-file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (snort3-file-flash.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (snort3-file-flash.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (snort3-file-flash.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (snort3-os-windows.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (snort3-file-flash.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (snort3-file-flash.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (snort3-file-office.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (snort3-malware-cnc.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (snort3-file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (snort3-file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (snort3-file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (snort3-file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (snort3-file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (snort3-file-flash.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (snort3-file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (snort3-file-flash.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (snort3-file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (snort3-file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (snort3-file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (snort3-file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (snort3-file-flash.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (snort3-exploit-kit.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (snort3-file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (snort3-file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (snort3-file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (snort3-file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (snort3-server-webapp.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (snort3-file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (snort3-file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (snort3-file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (snort3-file-flash.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (snort3-server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (snort3-file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (snort3-file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (snort3-file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (snort3-file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (snort3-file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (snort3-file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (snort3-file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (snort3-file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (snort3-file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (snort3-file-flash.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (snort3-file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (snort3-file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (snort3-file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (snort3-file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (snort3-file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (snort3-file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (snort3-file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (snort3-file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (snort3-file-flash.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (snort3-file-office.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (snort3-file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (snort3-file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (snort3-file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (snort3-file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (snort3-file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (snort3-file-flash.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (snort3-file-flash.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (snort3-file-flash.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (snort3-file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (snort3-file-other.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (snort3-file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (snort3-file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (snort3-file-flash.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (snort3-malware-cnc.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (snort3-file-office.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (snort3-file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (snort3-file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (snort3-file-pdf.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (snort3-file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (snort3-os-windows.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (snort3-file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (snort3-browser-ie.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (snort3-file-flash.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (snort3-file-office.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (snort3-file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (snort3-file-other.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (snort3-os-windows.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (snort3-browser-plugins.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (snort3-file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (snort3-file-flash.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (snort3-file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (snort3-file-office.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (snort3-browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (snort3-file-executable.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (snort3-exploit-kit.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (snort3-file-flash.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (snort3-file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (snort3-file-office.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (snort3-file-office.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (snort3-file-other.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (snort3-file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (snort3-server-webapp.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (snort3-file-other.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (snort3-server-webapp.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (snort3-file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (snort3-policy-other.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (snort3-file-image.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (snort3-file-pdf.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (snort3-file-office.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (snort3-server-webapp.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (snort3-server-webapp.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (snort3-file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (snort3-file-flash.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (snort3-file-pdf.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (snort3-file-office.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (snort3-exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (snort3-server-apache.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (snort3-malware-cnc.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (snort3-file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (snort3-file-office.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (snort3-server-apache.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (snort3-file-office.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (snort3-file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (snort3-file-other.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (snort3-file-office.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (snort3-policy-other.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (snort3-file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (snort3-server-webapp.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (snort3-file-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (snort3-file-flash.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (snort3-policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (snort3-policy-other.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (snort3-policy-other.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (snort3-file-flash.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (snort3-browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (snort3-browser-ie.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (snort3-policy-other.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (snort3-file-pdf.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (snort3-file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (snort3-file-office.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (snort3-file-flash.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (snort3-file-office.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (snort3-file-pdf.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (snort3-file-flash.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (snort3-file-pdf.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (snort3-file-flash.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (snort3-malware-other.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (snort3-file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (snort3-browser-ie.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (snort3-file-image.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (snort3-server-webapp.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (snort3-file-flash.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (snort3-file-other.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (snort3-file-other.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (snort3-server-other.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (snort3-browser-plugins.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (snort3-server-webapp.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (snort3-os-windows.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (snort3-malware-cnc.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (snort3-file-image.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (snort3-malware-cnc.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (snort3-malware-cnc.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (snort3-file-flash.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (snort3-malware-cnc.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (snort3-server-webapp.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (snort3-malware-cnc.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (snort3-server-webapp.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (snort3-malware-cnc.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (snort3-os-windows.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (snort3-server-other.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (snort3-file-pdf.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (snort3-malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (snort3-server-webapp.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (snort3-malware-cnc.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (snort3-file-image.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (snort3-pua-other.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (snort3-malware-cnc.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (snort3-server-other.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (snort3-malware-cnc.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (snort3-file-pdf.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (snort3-file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (snort3-file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (snort3-file-flash.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (snort3-browser-chrome.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (snort3-file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (snort3-file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (snort3-file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (snort3-file-flash.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (snort3-file-office.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (snort3-file-flash.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (snort3-malware-cnc.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (snort3-file-flash.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (snort3-file-flash.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (snort3-file-flash.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (snort3-file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (snort3-file-office.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (snort3-malware-cnc.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (snort3-file-multimedia.rules)

2020-10-29 14:07:10 UTC

Snort Subscriber Rules Update

Date: 2020-10-29

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:56162 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:56150 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (server-other.rules)
 * 1:56167 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56165 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56155 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56166 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (malware-other.rules)
 * 1:56163 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56141 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56156 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56142 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (malware-other.rules)
 * 1:56157 <-> DISABLED <-> FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (file-office.rules)
 * 1:56164 <-> DISABLED <-> MALWARE-OTHER Win.Dropper.PyVil download attempt (malware-other.rules)
 * 1:56154 <-> DISABLED <-> SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (server-webapp.rules)
 * 1:56140 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56139 <-> DISABLED <-> MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (malware-other.rules)
 * 1:56151 <-> DISABLED <-> SERVER-OTHER Adobe ColdFusion vulnerable DataServicesCFProxy class reference attempt (server-other.rules)
 * 3:56149 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56146 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56161 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56147 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56152 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)
 * 3:56159 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56148 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (server-webapp.rules)
 * 3:56144 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56160 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56145 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56158 <-> ENABLED <-> FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (file-image.rules)
 * 3:56143 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (server-webapp.rules)
 * 3:56153 <-> ENABLED <-> SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (server-webapp.rules)

Modified Rules:


 * 1:46782 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:45564 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (malware-cnc.rules)
 * 1:45148 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (browser-ie.rules)
 * 1:44564 <-> DISABLED <-> MALWARE-CNC PowerShell Empire variant outbound connection (malware-cnc.rules)
 * 1:44016 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:47557 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:44052 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (file-office.rules)
 * 1:31033 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (malware-cnc.rules)
 * 1:36707 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36708 <-> DISABLED <-> FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (file-office.rules)
 * 1:36713 <-> DISABLED <-> OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (os-windows.rules)
 * 1:36714 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36715 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (file-office.rules)
 * 1:36751 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36752 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (file-office.rules)
 * 1:36812 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (browser-ie.rules)
 * 1:36819 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36820 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36821 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36822 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (file-flash.rules)
 * 1:36829 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:45977 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:43865 <-> DISABLED <-> FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (file-image.rules)
 * 1:44892 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (file-flash.rules)
 * 1:46586 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46793 <-> DISABLED <-> OS-WINDOWS Malicious zip download attempt (os-windows.rules)
 * 1:43900 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45773 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (malware-cnc.rules)
 * 1:44361 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:47056 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:45371 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:46137 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (malware-cnc.rules)
 * 1:45117 <-> DISABLED <-> SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (server-webapp.rules)
 * 1:46583 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46251 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:36830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:44619 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46371 <-> DISABLED <-> PUA-OTHER Moonify TLS server hello attempt (pua-other.rules)
 * 1:46129 <-> DISABLED <-> MALWARE-CNC Win.Trojan.HW32 variant outbound connection (malware-cnc.rules)
 * 1:45976 <-> DISABLED <-> SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (server-webapp.rules)
 * 1:46580 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46584 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:36831 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:36832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (file-flash.rules)
 * 1:45169 <-> DISABLED <-> BROWSER-IE Microsoft Edge array type confusion attempt (browser-ie.rules)
 * 1:46582 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:46783 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (malware-cnc.rules)
 * 1:44880 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (file-image.rules)
 * 1:45642 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound connection (malware-cnc.rules)
 * 1:44620 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:44657 <-> DISABLED <-> SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (server-webapp.rules)
 * 1:46249 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:44964 <-> DISABLED <-> FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (file-flash.rules)
 * 1:45922 <-> DISABLED <-> EXPLOIT-KIT Terror EK exe download attempt (exploit-kit.rules)
 * 1:36846 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (file-flash.rules)
 * 1:36859 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:45949 <-> DISABLED <-> PUA-OTHER Coinhive TLS server hello attempt (pua-other.rules)
 * 1:49789 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:36860 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:36863 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:56130 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:45646 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (malware-cnc.rules)
 * 1:43383 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (file-flash.rules)
 * 1:36864 <-> DISABLED <-> FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (file-flash.rules)
 * 1:36883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (file-flash.rules)
 * 1:47358 <-> DISABLED <-> SERVER-WEBAPP CCTV-DVR command injection attempt (server-webapp.rules)
 * 1:56138 <-> ENABLED <-> SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (server-webapp.rules)
 * 1:36960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:45336 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (malware-cnc.rules)
 * 1:43396 <-> DISABLED <-> FILE-FLASH Adobe Acrobat Reader profile use after free attempt (file-flash.rules)
 * 1:43179 <-> DISABLED <-> FILE-OFFICE Powerpoint mouseover powershell malware download attempt (file-office.rules)
 * 1:56131 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:36961 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (file-office.rules)
 * 1:36998 <-> DISABLED <-> OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (os-windows.rules)
 * 1:56132 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:47236 <-> DISABLED <-> MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (malware-cnc.rules)
 * 1:37071 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37072 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37074 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37075 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (file-flash.rules)
 * 1:37081 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:37082 <-> DISABLED <-> FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (file-flash.rules)
 * 1:47242 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:37085 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:37086 <-> DISABLED <-> FILE-FLASH Adobe Flash Player byte array memory corruption attempt (file-flash.rules)
 * 1:47678 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (malware-cnc.rules)
 * 1:37090 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37091 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (file-flash.rules)
 * 1:37092 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37094 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (file-flash.rules)
 * 1:37105 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:37106 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (file-flash.rules)
 * 1:46252 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:37109 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37110 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:37118 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:37119 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (file-flash.rules)
 * 1:47241 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Mylobot additional payload download (malware-cnc.rules)
 * 1:37121 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:47006 <-> DISABLED <-> MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (malware-cnc.rules)
 * 1:37123 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (file-flash.rules)
 * 1:37128 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37129 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (file-flash.rules)
 * 1:37135 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37136 <-> DISABLED <-> SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (server-webapp.rules)
 * 1:37144 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37145 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (file-flash.rules)
 * 1:37157 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37159 <-> DISABLED <-> FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (file-flash.rules)
 * 1:37160 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37161 <-> DISABLED <-> FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (file-flash.rules)
 * 1:37167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37168 <-> DISABLED <-> FILE-FLASH Adobe Flash Player URLStream use after free attempt (file-flash.rules)
 * 1:37169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37171 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37172 <-> DISABLED <-> FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (file-flash.rules)
 * 1:37178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:37180 <-> DISABLED <-> FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (file-flash.rules)
 * 1:42915 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:37183 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37185 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37186 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (file-flash.rules)
 * 1:37205 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:47175 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:37206 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (file-flash.rules)
 * 1:37208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37210 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (file-flash.rules)
 * 1:37216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37218 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (file-flash.rules)
 * 1:37237 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (file-flash.rules)
 * 1:37247 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37248 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37249 <-> DISABLED <-> FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (file-flash.rules)
 * 1:37259 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (file-office.rules)
 * 1:37265 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37266 <-> DISABLED <-> FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (file-office.rules)
 * 1:37267 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:46989 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.MBRLock file download (malware-other.rules)
 * 1:44622 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46372 <-> DISABLED <-> PUA-OTHER Moonify TLS client hello attempt (pua-other.rules)
 * 1:44338 <-> DISABLED <-> BROWSER-IE Microsoft Edge denial of service attempt (browser-ie.rules)
 * 1:44430 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:46585 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:44621 <-> DISABLED <-> MALWARE-CNC Android Red Alert Trojan outbound connection (malware-cnc.rules)
 * 1:46490 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:46744 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (malware-cnc.rules)
 * 1:45950 <-> DISABLED <-> PUA-OTHER Coinhive TLS client hello attempt (pua-other.rules)
 * 1:44431 <-> DISABLED <-> FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (file-office.rules)
 * 1:45973 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:45131 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:44969 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (file-image.rules)
 * 1:45978 <-> DISABLED <-> OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (os-windows.rules)
 * 1:46491 <-> DISABLED <-> FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (file-pdf.rules)
 * 1:45682 <-> DISABLED <-> SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (server-other.rules)
 * 1:43901 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:47701 <-> DISABLED <-> MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (malware-cnc.rules)
 * 1:37268 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:44885 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (file-image.rules)
 * 1:37345 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:37347 <-> DISABLED <-> FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (file-flash.rules)
 * 1:44360 <-> DISABLED <-> SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (server-webapp.rules)
 * 1:37399 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (file-pdf.rules)
 * 1:37525 <-> DISABLED <-> SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (server-other.rules)
 * 1:46135 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Krodown variant connection attempt (malware-cnc.rules)
 * 1:45904 <-> DISABLED <-> MALWARE-BACKDOOR CobaltStrike inbound beacon download (malware-backdoor.rules)
 * 1:37550 <-> DISABLED <-> EXPLOIT-KIT Nuclear landing page detected (exploit-kit.rules)
 * 1:45130 <-> DISABLED <-> OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (os-windows.rules)
 * 1:43912 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:45972 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (malware-cnc.rules)
 * 1:43406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (file-flash.rules)
 * 1:45772 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (malware-cnc.rules)
 * 1:44903 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (file-flash.rules)
 * 1:37592 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:43455 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:43913 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (file-other.rules)
 * 1:44688 <-> DISABLED <-> SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (server-webapp.rules)
 * 1:43967 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (file-multimedia.rules)
 * 1:45132 <-> DISABLED <-> FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (file-office.rules)
 * 1:44646 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (malware-other.rules)
 * 1:37593 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (file-office.rules)
 * 1:45370 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (file-office.rules)
 * 1:43625 <-> DISABLED <-> SERVER-WEBAPP Axis M3004 remote code execution attempt (server-webapp.rules)
 * 1:44404 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (malware-cnc.rules)
 * 1:44017 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (file-flash.rules)
 * 1:43977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45162 <-> DISABLED <-> BROWSER-IE Microsoft Edge memory corruption attempt (browser-ie.rules)
 * 1:46581 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Banload malicious file download (malware-cnc.rules)
 * 1:45643 <-> DISABLED <-> MALWARE-CNC Vbs.Trojan.Agent inbound payload download (malware-cnc.rules)
 * 1:43978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:43993 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45771 <-> DISABLED <-> MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (malware-cnc.rules)
 * 1:44929 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (file-image.rules)
 * 1:45909 <-> DISABLED <-> MALWARE-CNC CobaltStrike trial version inbound beacon response (malware-cnc.rules)
 * 1:37600 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:46250 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (malware-cnc.rules)
 * 1:43790 <-> DISABLED <-> SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (server-other.rules)
 * 1:43994 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (file-pdf.rules)
 * 1:45923 <-> DISABLED <-> EXPLOIT-KIT Terror EK dll download attempt (exploit-kit.rules)
 * 1:37601 <-> DISABLED <-> FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (file-office.rules)
 * 1:37664 <-> DISABLED <-> FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (file-java.rules)
 * 1:37670 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37671 <-> DISABLED <-> FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (file-flash.rules)
 * 1:37700 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37702 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37703 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37704 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37705 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37706 <-> DISABLED <-> FILE-OFFICE Microsoft Office ole object external file loading attempt (file-office.rules)
 * 1:37711 <-> DISABLED <-> FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (file-flash.rules)
 * 1:37726 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37727 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37734 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37736 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37740 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37741 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (file-flash.rules)
 * 1:37744 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37745 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (file-flash.rules)
 * 1:37754 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37755 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Point object integer overflow attempt (file-flash.rules)
 * 1:37757 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37758 <-> DISABLED <-> FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (file-flash.rules)
 * 1:37761 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (file-flash.rules)
 * 1:37764 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (file-flash.rules)
 * 1:37770 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37771 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (file-flash.rules)
 * 1:37774 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (file-flash.rules)
 * 1:37776 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37777 <-> DISABLED <-> FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (file-flash.rules)
 * 1:37783 <-> DISABLED <-> FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (file-flash.rules)
 * 1:37790 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37792 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASnative use after free attempt (file-flash.rules)
 * 1:37797 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37798 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (file-flash.rules)
 * 1:37801 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (browser-plugins.rules)
 * 1:37808 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:37824 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37825 <-> DISABLED <-> FILE-OTHER Microsoft Office ole object external file loading attempt (file-other.rules)
 * 1:37938 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:37939 <-> DISABLED <-> FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (file-multimedia.rules)
 * 1:38074 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38076 <-> DISABLED <-> BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (browser-ie.rules)
 * 1:38101 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (file-office.rules)
 * 1:38165 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38169 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38170 <-> DISABLED <-> FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (file-flash.rules)
 * 1:38175 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (file-flash.rules)
 * 1:38179 <-> DISABLED <-> FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (file-flash.rules)
 * 1:38182 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38184 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (file-flash.rules)
 * 1:38191 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38192 <-> DISABLED <-> FILE-FLASH Adobe Flash Player si32 integer overflow attempt (file-flash.rules)
 * 1:38197 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38198 <-> DISABLED <-> FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (file-flash.rules)
 * 1:38207 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38208 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MPD use-after-free attempt (file-flash.rules)
 * 1:38211 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38212 <-> DISABLED <-> FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (file-pdf.rules)
 * 1:38215 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38216 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (file-flash.rules)
 * 1:38219 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free attempt (file-flash.rules)
 * 1:38220 <-> DISABLED <-> FILE-FLASH Adobe Flash Player use after free (file-flash.rules)
 * 1:38223 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (file-pdf.rules)
 * 1:38239 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38241 <-> DISABLED <-> FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (file-flash.rules)
 * 1:38286 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (server-webapp.rules)
 * 1:38287 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (server-webapp.rules)
 * 1:38288 <-> DISABLED <-> SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (server-webapp.rules)
 * 1:38327 <-> DISABLED <-> MALWARE-BACKDOOR ReGeorg proxy read attempt (malware-backdoor.rules)
 * 1:38405 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38406 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (file-flash.rules)
 * 1:38409 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38410 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (file-flash.rules)
 * 1:38413 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:38415 <-> DISABLED <-> FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (file-flash.rules)
 * 1:43048 <-> DISABLED <-> FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (file-flash.rules)
 * 1:38425 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (file-flash.rules)
 * 1:38430 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38433 <-> DISABLED <-> FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (file-flash.rules)
 * 1:38481 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38482 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (file-office.rules)
 * 1:38577 <-> DISABLED <-> FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (file-flash.rules)
 * 1:38593 <-> DISABLED <-> EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (exploit-kit.rules)
 * 1:38631 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38632 <-> DISABLED <-> FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38635 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38636 <-> DISABLED <-> FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (file-flash.rules)
 * 1:38729 <-> DISABLED <-> SERVER-OTHER Mediabridge Medialink MWN-WAPR300N and Tenda N3 Wireless N150 inbound admin attempt (server-other.rules)
 * 1:38772 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (browser-ie.rules)
 * 1:38782 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38783 <-> DISABLED <-> FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (file-office.rules)
 * 1:38830 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38832 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38833 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (file-flash.rules)
 * 1:38841 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (browser-ie.rules)
 * 1:38881 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:43169 <-> DISABLED <-> BROWSER-IE Microsoft Edge textContent use after free attempt (browser-ie.rules)
 * 1:43221 <-> DISABLED <-> MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (malware-other.rules)
 * 1:49788 <-> ENABLED <-> MALWARE-CNC Win.Trojan.Zacinlo outbound connection (malware-cnc.rules)
 * 1:49255 <-> DISABLED <-> FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (file-java.rules)
 * 1:49311 <-> DISABLED <-> FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (file-flash.rules)
 * 1:49376 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:38883 <-> DISABLED <-> FILE-FLASH Adobe Flash Player FileReference type confusion attempt (file-flash.rules)
 * 1:38972 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38973 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38974 <-> DISABLED <-> FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (file-flash.rules)
 * 1:38980 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38981 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (file-pdf.rules)
 * 1:38996 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:38998 <-> DISABLED <-> FILE-FLASH Adobe Flash Player addProperty use after free attempt (file-flash.rules)
 * 1:39009 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39010 <-> DISABLED <-> FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (file-flash.rules)
 * 1:39013 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39014 <-> DISABLED <-> FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (file-pdf.rules)
 * 1:39015 <-> DISABLED <-> FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (file-pdf.rules)
 * 1:39019 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39020 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39022 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (file-flash.rules)
 * 1:39024 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39025 <-> DISABLED <-> FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (file-flash.rules)
 * 1:39032 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39033 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (file-flash.rules)
 * 1:39102 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39103 <-> DISABLED <-> FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (file-pdf.rules)
 * 1:39261 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:39272 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (file-flash.rules)
 * 1:39280 <-> DISABLED <-> FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (file-flash.rules)
 * 1:39285 <-> DISABLED <-> FILE-FLASH Adobe Flash Player loadSound use after free attempt (file-flash.rules)
 * 1:39288 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39290 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39298 <-> DISABLED <-> FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (file-flash.rules)
 * 1:39305 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:39319 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (file-flash.rules)
 * 1:39398 <-> DISABLED <-> SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (server-webapp.rules)
 * 1:39402 <-> DISABLED <-> FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (file-other.rules)
 * 1:39441 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer overflow attempt (file-flash.rules)
 * 1:39457 <-> DISABLED <-> FILE-FLASH Adobe Flash Player integer underflow attempt (file-flash.rules)
 * 1:39505 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (browser-ie.rules)
 * 1:39524 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39525 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (file-office.rules)
 * 1:39540 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39543 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (file-flash.rules)
 * 1:39564 <-> DISABLED <-> FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (file-flash.rules)
 * 1:39685 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Tinba variant outbound connection (malware-cnc.rules)
 * 1:39687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (file-pdf.rules)
 * 1:39690 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (file-flash.rules)
 * 1:39702 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (file-flash.rules)
 * 1:39799 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (file-pdf.rules)
 * 1:39824 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (os-windows.rules)
 * 1:39843 <-> DISABLED <-> OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (os-windows.rules)
 * 1:39851 <-> DISABLED <-> INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (indicator-compromise.rules)
 * 1:39893 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:39894 <-> DISABLED <-> OS-LINUX Linux Kernel USBIP out of bounds write attempt (os-linux.rules)
 * 1:40075 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40076 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (file-office.rules)
 * 1:40102 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40103 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40104 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40105 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40106 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40107 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40116 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40117 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40121 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40122 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:40152 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (file-flash.rules)
 * 1:40167 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:40178 <-> DISABLED <-> FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (file-flash.rules)
 * 1:40236 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40237 <-> DISABLED <-> FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (file-pdf.rules)
 * 1:40312 <-> DISABLED <-> BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (browser-ie.rules)
 * 1:40375 <-> DISABLED <-> OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (os-windows.rules)
 * 1:40425 <-> DISABLED <-> OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (os-windows.rules)
 * 1:40503 <-> DISABLED <-> FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (file-flash.rules)
 * 1:40706 <-> DISABLED <-> FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (file-other.rules)
 * 1:40717 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40718 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (file-office.rules)
 * 1:40737 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (file-flash.rules)
 * 1:40743 <-> DISABLED <-> FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (file-flash.rules)
 * 1:40753 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit outbound communication (exploit-kit.rules)
 * 1:40813 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40814 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (browser-plugins.rules)
 * 1:40934 <-> DISABLED <-> FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (file-executable.rules)
 * 1:40957 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40958 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (file-office.rules)
 * 1:40959 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40960 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (file-office.rules)
 * 1:40983 <-> DISABLED <-> FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (file-other.rules)
 * 1:41003 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (file-flash.rules)
 * 1:41015 <-> DISABLED <-> FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (file-flash.rules)
 * 1:41026 <-> DISABLED <-> SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (server-webapp.rules)
 * 1:41310 <-> DISABLED <-> FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (file-image.rules)
 * 1:41344 <-> DISABLED <-> FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (file-other.rules)
 * 1:41358 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (file-flash.rules)
 * 1:41515 <-> DISABLED <-> POLICY-OTHER McAfee Virus Scan Linux outdated version detected (policy-other.rules)
 * 1:41516 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (server-webapp.rules)
 * 1:41521 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (server-webapp.rules)
 * 1:41565 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41566 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (file-office.rules)
 * 1:41601 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:47148 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Ursnif malicious file download (malware-cnc.rules)
 * 1:41602 <-> DISABLED <-> FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (file-pdf.rules)
 * 1:41624 <-> DISABLED <-> FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (file-flash.rules)
 * 1:41630 <-> DISABLED <-> FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (file-flash.rules)
 * 1:41680 <-> DISABLED <-> FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (file-flash.rules)
 * 1:41681 <-> DISABLED <-> SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (server-webapp.rules)
 * 1:41783 <-> ENABLED <-> EXPLOIT-KIT Rig exploit kit URL outbound communication (exploit-kit.rules)
 * 1:41818 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41819 <-> DISABLED <-> SERVER-APACHE Apache Struts remote code execution attempt (server-apache.rules)
 * 1:41976 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41977 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41979 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:41980 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (file-office.rules)
 * 1:42080 <-> DISABLED <-> MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (malware-cnc.rules)
 * 1:47556 <-> DISABLED <-> MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (malware-cnc.rules)
 * 1:42097 <-> DISABLED <-> FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (file-flash.rules)
 * 1:42150 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42151 <-> DISABLED <-> FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (file-other.rules)
 * 1:42161 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42162 <-> DISABLED <-> FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (file-office.rules)
 * 1:42222 <-> DISABLED <-> SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (server-webapp.rules)
 * 1:42372 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42373 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42374 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42375 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42376 <-> ENABLED <-> POLICY-OTHER eicar file detected (policy-other.rules)
 * 1:42810 <-> DISABLED <-> FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (file-flash.rules)
 * 1:56133 <-> ENABLED <-> BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (browser-chrome.rules)
 * 1:42811 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42812 <-> DISABLED <-> BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (browser-ie.rules)
 * 1:42816 <-> DISABLED <-> FILE-FLASH Adobe Flash Player display object mask use after free attempt (file-flash.rules)
 * 1:42817 <-> DISABLED <-> FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (file-flash.rules)
 * 1:42902 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42904 <-> DISABLED <-> FILE-OFFICE Microsoft Office EPS restore command use after free attempt (file-office.rules)
 * 1:42911 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)
 * 1:42913 <-> DISABLED <-> FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (file-pdf.rules)