[Emerging-updates] Daily Ruleset Update Summary 4/25/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Wed Apr 25 23:48:31 EDT 2012


 8 Open rules. 4 Pro rules. A few fixes and tweaks. Enjoy!

 [+++]          Added rules:          [+++]
 Open:
 2014636 - ET TROJAN Backdoor.Win32/Poison.BI (trojan.rules)
 2014637 - ET TROJAN Maljava Dropper for Windows (trojan.rules)
 2014638 - ET TROJAN Maljava Dropper for OS X (trojan.rules)
 2014639 - ET CURRENT_EVENTS Incognito Exploit Kit PDF request to
images.php?t=81118 (current_events.rules)
 2014640 - ET CURRENT_EVENTS Incognito Exploit Kit payload request to
images.php?t=N (current_events.rules)
 2014641 - ET CURRENT_EVENTS Incognito Exploit Kit landing page request to
images.php?t=4xxxxxxx (current_events.rules)
 2014642 - ET CURRENT_EVENTS Blackhole Java Exploit request to /Edu.jar
(current_events.rules)
 2014643 - ET TROJAN ConstructorWin32/Agent.V (trojan.rules)

 Pro:
 2804852 - ETPRO TROJAN Backdoor.Win32/Simda.gen!A Checkin (trojan.rules)
 2804853 - ETPRO TROJAN User-Agent (MyIE2) (trojan.rules)
 2804854 - ETPRO TROJAN Trojan-Dropper.Win32.Agent.eoqo Checkin
(trojan.rules)
 2804855 - ETPRO CURRENT_EVENTS Win32.Simda.Y/Win32.Shiz.awez DNS Query to
jecijyjudew.eu Domain (current_events.rules)


 [///]     Modified active rules:     [///]
 Open:
 2014228 - ET TROJAN Backdoor Win32.Idicaf/Atraps (trojan.rules)
 2014284 - ET CURRENT_EVENTS Blackhole Exploit Pack HCP exploit 4
(current_events.rules)
 2014547 - ET CURRENT_EVENTS TDS Sutra - redirect received
(current_events.rules)
 2014548 - ET CURRENT_EVENTS TDS Sutra - cookie set (current_events.rules)

 Pro:
 2804698 - ETPRO TROJAN Win32/Banker.AEA Checkin (trojan.rules)
 2804832 - ETPRO TROJAN PWS.Win32/Zbot.gen!AF CnC traffic (trojan.rules)


 [---]         Removed rules:         [---]

 2804581 - ETPRO TROJAN TrojanDownloader.Win32/Cred.B Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20120425/c09fa666/attachment.html>


More information about the Emerging-updates mailing list