APT1.SSL.Certificate
Description
This indicates the detection of SSL certificates used by some network attacks.
The self-signed X.509 certificates are used to encrypt malware communications.
Affected Products
N/A
Impact
System Compromise: Remote attackers can gain control of vulnerable systems
Recommended Actions
This signature's action can be set to "Block" to protect against this threat.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |