[Emerging-Sigs] Another unknown exploit kit

Chris Wakelin c.d.wakelin at reading.ac.uk
Mon Oct 10 19:45:37 EDT 2011

No, it turns out I'm missing the relevant emerging-policy rules to set
the flowbits. Enabling the whole lot will be problematic in a University
(staff are bad enough, but the students ...) so I better be selective!

Best Wishes,

On 11/10/2011 00:37, Martin Holste wrote:
> Cool, nice work.  I assume you're getting hits on Eoin's "ET TROJAN
> Java EXE Download by Vulnerable Version - Likely Driveby" (2013036)?

Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094

More information about the Emerging-sigs mailing list