[Emerging-Sigs] Emerging Threats Daily Signature Changes

emerging@emergingthreats.net emerging at emergingthreats.net
Fri Jan 30 16:00:09 EST 2009


[***] Results from Oinkmaster started Fri Jan 30 16:00:09 2009 [***]

[///]     Modified active rules:     [///]

 2003509 - ET TROJAN Gozi Certificate Information Leakage (emerging-virus.rules)
 2003511 - ET TROJAN Gozi Form Data Information Leakage (emerging-virus.rules)
 2008976 - ET TROJAN Vundo Variant reporting to Controller via HTTP (1) (emerging-virus.rules)
 2008977 - ET TROJAN Vundo Variant reporting to Controller via HTTP (2) (emerging-virus.rules)
 2008994 - ET WEB_SPECIFIC Multiple Membership Script id parameter SQL injection (emerging-web_sql_injection.rules)
 2009040 - ET SCAN SQLNinja MSSQL User Scan (emerging-scan.rules)
 2009046 - ET WEB_ACTIVEX Chilkat Socket Activex Remote Arbitrary File Overwrite 1 (emerging-web.rules)


[---]     Removed non-rule lines:    [---]

     -> Removed from emerging-sid-msg.map (2):
        2500060 || ET COMPROMISED Known Compromised or Hostile Host Traffic (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510060 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts

     -> Removed from emerging-sid-msg.map.txt (2):
        2500060 || ET COMPROMISED Known Compromised or Hostile Host Traffic (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts
        2510060 || ET COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (61) || url,doc.emergingthreats.net/bin/view/Main/CompromisedHosts



More information about the Emerging-sigs mailing list