Forum Discussion
thekoreanguy
Nimbostratus
NimbostratusCurious about the ASM Attack Signature Update
When I update signatures through ".im files", some signatures were often deleted. I thought the signatures to be deleted would be "risk : low" or "accuracy : low". But their risk, their accuracy, w...
Hi thekoreanhuy,
Looking at the ASM Signatures Release Notes, I see that six signatures have been removed in the last year. There are signatures with the same name but different ids, except "cmmd" signatures.
ASM-AttackSignatures_20240814_183003:
Deleted Information Leakage signature 200009311 for WordPress User Meta Information Disclosure (2)ASM-AttackSignatures_20240530_071654:
Deleted Predictable Resource Location signature 200010472 for Joomla! webservice endpoint unauthorized accessASM-AttackSignatures_20240507_152613:
Deleted Command Execution signature 200003079 for "cmmd" execution attempt
Deleted Command Execution signature 200003199 for "cmmd" execution attempt (Header)
Deleted Command Execution signature 200003200 for "cmmd" execution attempt (URI)ASM-AttackSignatures_20231122_200704:
Deleted Server Side Code Injection signature 200004163 for PHP injection attempt (passthru)