[Emerging-Sigs] Daily Ruleset Update Summary 12/20/2012

Matt Jonkman jonkman at emergingthreats.net
Thu Dec 20 10:49:46 HAST 2012


6 new Open sigs, 1 new Pro mobile sig today, and one reclassified to
mobile.

 [+++]          Added rules:          [+++]

  2016067 - ET POLICY Possible BitCoin Miner User-Agent (miner)
(policy.rules)
  2016068 - ET POLICY poclbm BitCoin miner (policy.rules)
  2016069 - ET MALWARE suspicious User-Agent (vb   wininet) (malware.rules)
  2016070 - ET CURRENT_EVENTS SofosFO obfuscator string 19 Dec 12 -
possible landing (current_events.rules)
  2016071 - ET CURRENT_EVENTS SofosFO 20 Dec 12 - .jar file request
(current_events.rules)
  2016072 - ET CURRENT_EVENTS SofosFO 20 Dec 12 - .pdf file request
(current_events.rules)


  2805854 - ETPRO MOBILE_MALWARE AndroidOS/Cosha.A / Android/Lovetrap.A
Checkin (mobile_malware.rules)
  2805856 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.a Checkin 2
(mobile_malware.rules)


 [---]         Removed rules:         [---]

  2805665 - ETPRO TROJAN Trojan-Clicker.Win32.VB.gby Checkin 2
(trojan.rules)
  2805854 - ETPRO TROJAN AndroidOS/Cosha.A / Android/Lovetrap.A Checkin
(trojan.rules)

-- 

----------------------------------------------------
Matt Jonkman
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20121220/8ab8cb11/attachment.html>


More information about the Emerging-sigs mailing list