[Emerging-updates] Daily Ruleset Update Summary 02/11/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Mon Feb 11 21:21:54 HAST 2013


 [***]          Summary:          [***]

 4 new Open. 12 new Pro(4/8) CVE-2013-0634, CoolEK, FP heavy Android sigs
disabled, etc.

 Open:
 2016400-2016401 CVE-2013-0634
 2016402 Java download of png (noalert)
 2016403 CoolEK Obfuscated Download, Recent change here. Probably more sigs
on the way.

 Pro:
 2805286 - 2806003 Daily Pro TROJAN/MOBILE_MALWARE Coverage.


 [+++]          Added rules:          [+++]

  Open:
  2016400 - ET CURRENT_EVENTS Flash Action Script Invalid Regex
CVE-2013-0634 (current_events.rules)
  2016401 - ET CURRENT_EVENTS Flash Action Script Invalid Regex
CVE-2013-0634 (current_events.rules)
  2016402 - ET CURRENT_EVENTS Exploit Kit Java png download
(current_events.rules)
  2016403 - ET CURRENT_EVENTS CoolEK Payload - obfuscated binary base 0
(current_events.rules)

  Pro:
  2805286 - ETPRO TROJAN Kraddare/OneScan FakeAV Checkin (trojan.rules)
  2805997 - ETPRO MOBILE_MALWARE Monitoring-Tool.Android/Trackplus.A
Checkin (mobile_malware.rules)
  2805998 - ETPRO TROJAN W32/Rodecap.BA connectivity Check (trojan.rules)
  2805999 - ETPRO TROJAN Rogue.Win32/FakeRean Checkin 2 (trojan.rules)
  2806000 - ETPRO TROJAN Win32/Tepv.A CnC Checkin (trojan.rules)
  2806001 - ETPRO TROJAN Win32/Tepv.A CnC Credentials Returned
(trojan.rules)
  2806002 - ETPRO TROJAN Win32/Tepv.A Requesting DLL (trojan.rules)
  2806003 - ETPRO TROJAN Backdoor.Win32.Polybot.A Checkin 4 (trojan.rules)

 [///]    Modified inactive rules:    [///]

  2804603 - ETPRO TROJAN Lethic.B XOR key (trojan.rules)


 [---]  Disabled and modified rules:  [---]

  2012684 - ET WEB_CLIENT Office File With Embedded Executable
(web_client.rules)


 [---]         Removed rules:         [---]
  Open:
  2016385 - ET MOBILE_MALWARE Android/DNightmare - Task Killer Checkin 1
(mobile_malware.rules)
  2016386 - ET MOBILE_MALWARE Android/DNightmare - Task Killer Checkin 2
(mobile_malware.rules)
  2016387 - ET MOBILE_MALWARE Android/DNightmare -Task Killer Checkin 3
(mobile_malware.rules)

  Pro:
  2805286 - ETPRO MALWARE Win32/Adware-ABW Checkin (malware.rules)