[Emerging-updates] Daily Ruleset Update Summary 02/14/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Feb 14 15:47:52 HAST 2013


[***]          Summary:          [***]

5 new Open rules. 14 new Pro rules (5/9). Adobe 0 day Exploit/Trjoan
specific sigs, etc.

2016409-2016411,2806029 Adobe 0day related sigs.
2016412 Vdele TDS seen used to redirect to EK's.
2016413 Cert.pl sinkhole

2806021 -2806028 Daily Pro TROJAN/MALWARE Coverage.

[+++]          Added rules:          [+++]

 Open:
 2016409 - ET CURRENT_EVENTS Adobe PDF Zero Day Trojan.666 Payload
libarhlp32.dll Second Stage Download POST (current_events.rules)
 2016410 - ET CURRENT_EVENTS Adobe PDF Zero Day Trojan.666 Payload
libarext32.dll Second Stage Download POST (current_events.rules)
 2016411 - ET TROJAN PDF 0day Communication - agent UA Feb 14 2013
(trojan.rules)
 2016412 - ET CURRENT_EVENTS TDS Vdele (current_events.rules)
 2016413 - ET DNS Reply Sinkhole - sinkhole.cert.pl 148.81.111.111
(dns.rules)

 Pro:
 2806021 - ETPRO TROJAN WinNT/Systex.A receiving config 1 (trojan.rules)
 2806022 - ETPRO TROJAN WinNT/Systex.A receiving config 2 (trojan.rules)
 2806023 - ETPRO TROJAN WinNT/Systex.A Checkin (trojan.rules)
 2806024 - ETPRO MOBILE_MALWARE Android/Plankton.I Checkin
(mobile_malware.rules)
 2806025 - ETPRO TROJAN Trojan-Dropper.Win32.Injector.hblh Checkin
(trojan.rules)
 2806026 - ETPRO MALWARE Dialer.Porn.Bienvenido.A Checkin (malware.rules)
 2806027 - ETPRO TROJAN Variant.Graftor.57329 Checkin (trojan.rules)
 2806028 - ETPRO MOBILE_MALWARE Android/Spy.GoneSixty.A Checkin
(mobile_malware.rules)
 2806029 - ETPRO CURRENT_EVENTS ADOBE PDF zeroday 14 February
(current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130214/638b8b24/attachment.html>


More information about the Emerging-updates mailing list