[Emerging-updates] Daily Ruleset Update SUmmary 3/4/2011

Matthew Jonkman jonkman at emergingthreatspro.com
Fri Mar 4 15:34:26 EST 2011


RBN list updated today, some removals and additions. 

We brought 2010148 back from deleted, thanks Jason. Modified to catch recent variations.

[+++]          Added rules:          [+++]

 2010148 - ET CURRENT_EVENTS DHL Spam Inbound (current_events.rules)


And the ET Pro rules:

 2801415 - ETPRO TROJAN KOOBFACE.AW Activity (trojan.rules)
 2801427 - ETPRO TROJAN Backdoor.Win32.Zmnada.A Activity (trojan.rules)
 2801428 - ETPRO TROJAN Trojan.Win32.Banker.U Checkin (trojan.rules)
 2801429 - ETPRO ACTIVEX CA Internet Security Suite XMLSecDB ActiveX Insecure File Creation 1 (activex.rules)
 2801430 - ETPRO ACTIVEX CA Internet Security Suite XMLSecDB ActiveX Insecure File Creation 2 (activex.rules)
 2801431 - ETPRO WEB_SPECIFIC_APPS Quicktech id Parameter SELECT FROM SQL Injection Attempt (web_specific_apps.rules)
 2801432 - ETPRO WEB_SPECIFIC_APPS Quicktech id Parameter DELETE FROM SQL Injection Attempt (web_specific_apps.rules)
 2801433 - ETPRO WEB_SPECIFIC_APPS Quicktech id Parameter UNION SELECT SQL Injection Attempt (web_specific_apps.rules)
 2801434 - ETPRO WEB_SPECIFIC_APPS Quicktech id Parameter INSERT INTO SQL Injection Attempt (web_specific_apps.rules)
 2801435 - ETPRO WEB_SPECIFIC_APPS Quicktech id Parameter UPDATE SET SQL Injection Attempt (web_specific_apps.rules)


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 765-807-8630
Fax 312-264-0205
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc





More information about the Emerging-updates mailing list