[Emerging-updates] Daily Ruleset Update Summary 12/04/2012

Will Metcalf wmetcalf at emergingthreatspro.com
Tue Dec 4 15:07:59 HAST 2012


[***]          Summary:          [***]

5 new Open 10 new Pro (5/5). A couple of detection tweaks.

[+++]          Added rules:          [+++]

  Open:
  2015983 - ET CURRENT_EVENTS PHISH Bank - York - Creds Phished
(current_events.rules)
  2015984 - ET CURRENT_EVENTS Joomla Component SQLi Attempt
(current_events.rules)
  2015985 - ET TROJAN Win32/Kuluoz.B Request (trojan.rules)
  2015986 - ET SCAN MYSQL MySQL Remote FAST Account Password Cracking
(scan.rules)
  2015987 - ET EXPLOIT MySQL Heap based buffer overrun Exploit
Specific (exploit.rules)

  Pro:
  2805761 - ETPRO TROJAN Trojan-Ransom.Win32.Foreign.vcs Checkin (trojan.rules)
  2805762 - ETPRO TROJAN Trojan-Dropper.Win32.Agent.mg Checkin (trojan.rules)
  2805763 - ETPRO TROJAN W32/Dloader.IRQ!tr Checkin (trojan.rules)
  2805764 - ETPRO TROJAN Win32/Frethem.S at mm Checkin (trojan.rules)
  2805765 - ETPRO TROJAN Win32/Alureon.BV / Trojan.TDss.FJ Checkin
(trojan.rules)


 [///]     Modified active rules:     [///]

  2015922 - ET CURRENT_EVENTS Possible Glazunov Java exploit request
/10-/5-digit (current_events.rules)
  2015975 - ET EXPLOIT MySQL Stack based buffer overrun Exploit
Specific (exploit.rules)

 [---]         Removed rules:         [---]

  2002774 - ET MALWARE Corpsespyware.net Blind Data Upload (malware.rules)


More information about the Emerging-updates mailing list