We have a client that is getting hit with a bunch of random attacks lately. They have Symantec Endpoint Protection installed and are getting a ton of popups.
One example is: PHP CGI CVE-2012-1823
Another is Web Attack: Muieblackcat Scanner Request
I have everything enabled under IPS under the Attack Patterns tab but I do not see anywhere to block this specific attack. Is there a way to add these in?
Thanks!
This thread was automatically locked due to age.