[Emerging-Sigs] Emerging Threats Daily Signature Changes

[emerging@emergingthreats.net]

[***] Results from Oinkmaster started Thu May 29 17:00:08 2008 [***]

[+++]          Added rules:          [+++]

 2008264 - ET MALWARE Suspicious User-Agent (opera) (emerging-malware.rules)
 2008265 - ET MALWARE Suspicious User-Agent (creativesmover loader vnr2.2) (emerging-malware.rules)
 2008266 - ET MALWARE Suspicious User-Agent (Zilla) (emerging-malware.rules)
 2008267 - ET TROJAN Banker.JU Related HTTP Post-infection Checkin (emerging-virus.rules)
 2008268 - ET TROJAN Delf Checkin via HTTP (8) (emerging-virus.rules)


[///]     Modified active rules:     [///]

 2008221 - ET TROJAN Asprox-style Message ID (emerging-virus.rules)
 2008222 - ET TROJAN Asprox phishing email detected (emerging-virus.rules)
 2008245 - ET TROJAN Juicopotomous to Controller (emerging-virus.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to emerging-sid-msg.map (5):
        2008264 || ET MALWARE Suspicious User-Agent (opera)
        2008265 || ET MALWARE Suspicious User-Agent (creativesmover loader vnr2.2)
        2008266 || ET MALWARE Suspicious User-Agent (Zilla)
        2008267 || ET TROJAN Banker.JU Related HTTP Post-infection Checkin
        2008268 || ET TROJAN Delf Checkin via HTTP (8)

     -> Added to emerging-sid-msg.map.txt (5):
        2008264 || ET MALWARE Suspicious User-Agent (opera)
        2008265 || ET MALWARE Suspicious User-Agent (creativesmover loader vnr2.2)
        2008266 || ET MALWARE Suspicious User-Agent (Zilla)
        2008267 || ET TROJAN Banker.JU Related HTTP Post-infection Checkin
        2008268 || ET TROJAN Delf Checkin via HTTP (8)

     -> Added to emerging-virus.rules (1):
        #matt jonkman, banker.JU