[Emerging-updates] Daily Ruleset Update Summary 4/26/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Apr 26 18:08:10 EDT 2012


11 new Pro rules today.  A few small tweaks and fixes.

 [+++]          Added rules:          [+++]

 2804856 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
ListView Overflow 1 -SET (web_client.rules)
 2804857 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
ListView Overflow 2 -SET (web_client.rules)
 2804858 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
ListView Overflow (web_client.rules)
 2804859 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
TreeView Overflow 1 -SET (web_client.rules)
 2804860 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
TreeView Overflow 2 -SET (web_client.rules)
 2804861 - ETPRO WEB_CLIENT Microsoft DOC File download CVE-2012-0158
TreeView Overflow (web_client.rules)
 2804862 - ETPRO TROJAN
HackTool.Win32.Binder.bs<http://hacktool.win32.binder.bs/> Checkin
(trojan.rules)
 2804863 - ETPRO TROJAN Trojan.Win32.Invader CnC Traffic (trojan.rules)
 2804864 - ETPRO TROJAN Win32/TrojanDownloader.Banload.QRE Checkin
(trojan.rules)
 2804866 - ETPRO TROJAN Trojan-Banker.Win32.Banbra.alvy Checkin
(trojan.rules)
 2804867 - ETPRO TROJAN Trojan-Banker.Win32.Banker.srjp Checkin
(trojan.rules)


 [///]     Modified active rules:     [///]

 2012520 - ET WEB_CLIENT Microsoft OLE Compound File Magic Bytes Flowbit
Set (web_client.rules)
 2014090 - ET TROJAN Suspicious user agent (V32) (trojan.rules)
 2014443 - ET CURRENT_EVENTS DRIVEBY Blackhole - Landing Page Recieved -
applet and flowbit (current_events.rules)
 2402000 - ET DROP Dshield Block Listed Source (dshield.rules)
 2804832 - ETPRO TROJAN PWS.Win32/Zbot.gen!AF CnC traffic (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20120426/fb32ff62/attachment.html>


More information about the Emerging-updates mailing list