[Emerging-Sigs] Daily Ruleset Update Summary 09/12/2014

Francis Trudeau ftrudeau at emergingthreats.net
Fri Sep 12 16:34:14 EDT 2014


 [***] Summary: [***]

 4 new Open signatures, 9 new Pro (4+9).  Tinba, Nuclear EK, Critroni, Cendelf.

 Thanks:  @kafeine and @malware_traffic

 [+++]          Added rules:          [+++]

  2019167 - ET CURRENT_EVENTS Nuclear EK Silverlight URI Struct
(current_events.rules)
  2019168 - ET TROJAN Tinba Checkin (trojan.rules)
  2019169 - ET TROJAN Tinba Server Response (trojan.rules)
  2019171 - ET TROJAN DoS.Linux/Elknot.E Checkin (trojan.rules)

 Pro:

  2808805 - ETPRO TROJAN Win32/Cendelf.gen!A checkin (trojan.rules)
  2808806 - ETPRO MOBILE_MALWARE Android/FakeDefender.A Checkin
(mobile_malware.rules)
  2808807 - ETPRO TROJAN Win32/PSWTool.WebBrowserPassView.B checkin
(trojan.rules)
  2808808 - ETPRO TROJAN Win32/ChkBot.A Checkin (trojan.rules)
  2808809 - ETPRO TROJAN Win32/Critroni Tor DNS Proxy lookup (trojan.rules)


 [///]     Modified active rules:     [///]

  2011797 - ET CURRENT_EVENTS Driveby Bredolab - client exploited by
acrobat (current_events.rules)
  2011906 - ET CURRENT_EVENTS exploit kit x/load/svchost.exe
(current_events.rules)
  2017667 - ET CURRENT_EVENTS Nuclear EK Payload URI Struct Nov 05
2013 (current_events.rules)
  2808804 - ETPRO TROJAN Win32/Cendelf.gen!A www.163.com connectivity
check (trojan.rules)


 [---]  Disabled and modified rules:  [---]

  2018594 - ET CURRENT_EVENTS Possible Upatre SSL Cert
webhostingpad.com (current_events.rules)


More information about the Emerging-sigs mailing list