[Emerging-updates] Daily Ruleset Update Summary 4/24/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Tue Apr 24 19:41:52 EDT 2012


2 new Open rules 5 new Pro rules.  A few small fixes. Blog post on Open
rules:
http://www.emergingthreatspro.com/bot-of-the-day/variant-kazy-53640-lessons-in-camouflage-using-clear-plastic-tarps-and-air-horns/

 [+++]          Added rules:          [+++]
 Open:
 2014634 - ET TROJAN Possible Variant.Kazy.53640 Malformed Client Hello SSL
3.0 (Session_Id length greater than Client_Hello Length) (trojan.rules)
 2014635 - ET TROJAN Possible Variant.Kazy.53640 Malformed Client Hello SSL
3.0 (Cipher_Suite length greater than Client_Hello Length) (trojan.rules)

 Pro:
 2804847 - ETPRO TROJAN Ransom.EJ/Winlock.5857 Checkin (trojan.rules)
 2804848 - ETPRO TROJAN Trojan-Downloader.Win32.Adload.cfms Checkin
(trojan.rules)
 2804849 - ETPRO TROJAN Win32/Spy.Bancos.OMJ Checkin (trojan.rules)
 2804850 - ETPRO TROJAN Trojan.Win32.Scar.fgcf CnC Traffic (trojan.rules)
 2804851 - ETPRO TROJAN Win32/Cleaman.G Checkin 2 (trojan.rules)


 [///]     Modified active rules:     [///]

 Open:
 2013976 - ET TROJAN Zeus POST Request to CnC - URL agnostic (trojan.rules)

 Pro:
 2803880 - ETPRO TROJAN Win32/Sality.AT Checkin (trojan.rules)
 2804832 - ETPRO TROJAN PWS.Win32/Zbot.gen!AF CnC traffic (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20120424/1466a58b/attachment.html>


More information about the Emerging-updates mailing list