Rule Category

EXPLOIT-KIT -- Snort has alerted on traffic that is typical of known exploit kits. Exploit kits are pre-packaged sets of code and malware geared toward finding and taking advantage of common browser vulnerabilities. They are Javascript code that provides an entry point to a system to initiate the next state. Snort's rules look for known exploit kit nomenclature, information sent back exposing sensitive infrastructure, attempts to reach a certain file, etc. Rules try to identify the exact kit being used based on actor-group patterns, such as favored target website, malware types, and code similarities.

Alert Message

EXPLOIT-KIT Sweet Orange exploit kit landing page detected

Rule Explanation

None provided

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

None

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None