[Emerging-updates] Daily Ruleset Update Summary #2 4/4/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Apr 5 20:05:41 EDT 2012


Second update today! 9 new Open rules, 5 new Pro rules, a few small tweaks.

[***] Results from Oinkmaster started Thu Apr  5 19:48:16 2012 [***]

[+++]          Added rules:          [+++]

 Open:
 2013023 - ET MOBILE_MALWARE DNS Query for gongfu-android.com DroidKungFu CnC Server (mobile_malware.rules)
 2014514 - ET INFO EXE - OSX Executable Download - Multi Arch w/Intel (info.rules)
 2014515 - ET INFO EXE - OSX Executable Download - Multi Arch w/PowerPC (info.rules)
 2014516 - ET INFO EXE - OSX Executable Download - Intel Arch (info.rules)
 2014517 - ET INFO EXE - OSX Executable Download - PowerPC Arch (info.rules)
 2014518 - ET INFO EXE - OSX Disk Image Download (info.rules)
 2014519 - ET INFO EXE - Served Inline HTTP (info.rules)
 2014520 - ET INFO EXE - Served Attached HTTP (info.rules)
 2014521 - ET CURRENT_EVENTS Possible Blackhole Landing to 8 chr folder plus index.html (current_events.rules)

 Pro:
 2804763 - ETPRO TROJAN Win32/Psyokym.B Checkin (trojan.rules)
 2804764 - ETPRO TROJAN W32/Fakevimes.gen!B Checkin (trojan.rules)
 2804765 - ET TROJAN Dirt Jumper/Russkill v5 Checkin (trojan.rules)
 2804766 - ETPRO TROJAN Trojan.Win32.TDSS.iqjw Checkin (trojan.rules)
 2804767 - ETPRO TROJAN Trojan-Spy.Win32.Agent.bxuh Checkin (trojan.rules)


[///]     Modified active rules:     [///]

 Open:
 2014467 - ET TROJAN Win32.Datamaikon Checkin NewAgent (trojan.rules)
 2014468 - ET TROJAN Win32.Datamaikon Checkin myAgent (trojan.rules)
 2102580 - GPL WEB_CLIENT server negative Content-Length attempt (web_client.rules)

 Pro:
 2804666 - ETPRO TROJAN Khan DDoS Bot Checkin (trojan.rules)


[///]    Modified inactive rules:    [///]

 2008673 - ET ACTIVEX Microsoft PicturePusher ActiveX Cross Site File Upload Attack (activex.rules)


[---]  Disabled and modified rules:  [---]

 2014466 - ET TROJAN Win32.Datamaikon Checkin (trojan.rules)


[---]         Removed rules:         [---]

 2001293 - ET MALWARE Featured-Results.com Agent Reporting Data (malware.rules)
 2007755 - ET TROJAN Trojan-Downloader.Win32.Small.hkp Checkin via HTTP (trojan.rules)
 2013023 - ET DNS DNS Query for gongfu-android.com DroidKungFu CnC Server (dns.rules)

