Just wondering if anyone, or everyone, is experiencing an increase in IPS events on their Fireboxes.
It used to be I would see a dozen or so a month, now I'm almost getting that daily.
It's usually something simple.
These are the top culprits for the past seven days, with 1133253 being the most detections. It's a Linux or Open BSD exploit.
Interesting - none of these are recent - not what I would have expected.
1133253 Release date: 2016-11-30 no CVE for this Linux/Unix bug
1138920 Release date: 2021-03-30 CVE-2021-3449 OpenSSL bug
1130593 Release Date: 2015-04-14 CVE-2015-1635 Microsoft IIS bug
1056055 Release Date: 2012-05-04 CVE-2012-1823 PHP bug
It's not uncommon for attacks to ebb and flow as the folks running the exploits adjust what works vs what doesn't.
WatchGuard Customer Support