[Emerging-updates] Daily Ruleset Update Summary 08/05/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Mon Aug 5 14:55:41 HADT 2013


 [***]          Summary:          [***]

 3 new Open rules. 7 new Pro. (3/4). More StealRat sigs (Kevin Ross),
Various RMKML fixes. Thanks to both of you!

 [+++]          Added rules:          [+++]

  Open:
  2017274 - ET TROJAN W32/StealRat.SpamBot Configuration File Request
(trojan.rules)
  2017275 - ET TROJAN W32/StealRat.SpamBot CnC Server Configuration File
Response (trojan.rules)
  2017276 - ET TROJAN W32/StealRat.SpamBot Email Template Request
(trojan.rules)

  Pro:
  2806774 - ETPRO TROJAN Worm.Mydoom spreading via SMTP 18 (trojan.rules)
  2806775 - ETPRO TROJAN TSPY_BANKER.SMAI Checkin (trojan.rules)
  2806776 - ETPRO TROJAN Win32/Ghodow.NAS .exe Download (trojan.rules)
  2806777 - ETPRO TROJAN Win32/Ghodow.NAS Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2013946 - ET TROJAN FakeAV.EGZ Checkin 1 (trojan.rules)
  2013947 - ET TROJAN FakeAV.EGZ Checkin 2 (trojan.rules)
  2017006 - ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit
plugin-detect script access (exploit.rules)
  2017007 - ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit
plugin-detect script access (exploit.rules)
  2017008 - ET EXPLOIT CVE-2013-1331 Microsoft Office PNG Exploit Specific
(exploit.rules)

 [---]         Removed rules:         [---]

  2015729 - ET CURRENT_EVENTS DNS Query to Unknown CnC DGA Domain
adbullion.com 09/20/12 (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130805/5ca72848/attachment.html>


More information about the Emerging-updates mailing list