[Emerging-updates] Daily Ruleset Update Summary 02/18/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Mon Feb 18 13:46:12 HAST 2013


 [***]          Summary:          [***]

 3 new Open rules 6 new Pro rules (3/3). CoolEK, Zbot.ivgw, a couple of
fixes, etc.

 2016425  Win32.Zbot.ivgw
 2016426-2016427 CoolEK updates

 2806031-2806033 Daily Pro TROJAN Coverage.

 [+++]          Added rules:          [+++]


  Open:
  2016425 - ET TROJAN Win32.Zbot.ivgw Downloading EXE (trojan.rules)
  2016426 - ET CURRENT_EVENTS CoolEK landing applet plus class Feb 18 2013
(current_events.rules)
  2016427 - ET CURRENT_EVENTS CoolEK Possible Java Payload Download
(current_events.rules)

  Pro:
  2806031 - ETPRO TROJAN Win32/Ramnit.I UA (trojan.rules)
  2806032 - ETPRO TROJAN Win32.Scar.hhrw POST (trojan.rules)
  2806033 - ETPRO TROJAN Win32/Delf.DF Activity (trojan.rules)


 [///]     Modified active rules:     [///]

  2015985 - ET TROJAN Win32/Kuluoz.B Request (trojan.rules)
  2016409 - ET CURRENT_EVENTS Adobe PDF Zero Day Trojan.666 Payload
libarhlp32.dll Second Stage Download POST (current_events.rules)
  2016410 - ET CURRENT_EVENTS Adobe PDF Zero Day Trojan.666 Payload
libarext32.dll Second Stage Download POST (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130218/4417d2ea/attachment.html>


More information about the Emerging-updates mailing list