[Emerging-updates] Daily Ruleset Update Summary 2/27/2013

Matt Jonkman jonkman at emergingthreats.net
Wed Feb 27 08:16:51 HAST 2013


Light update today, all tweaks and one delete.




 [///]     Modified active rules:     [///]

  2002677 - ET SCAN Nikto Web App Scan in Progress (scan.rules)
  2002801 - ET POLICY Google Desktop User-Agent Detected (policy.rules)
  2002827 - ET POLICY POSSIBLE Crawl using Fetch (policy.rules)
  2002935 - ET POLICY Possible Web Crawl - libwww-perl User Agent (policy.rules)
  2006380 - ET POLICY Outgoing Basic Auth Base64 HTTP Password detected unencrypted (policy.rules)
  2007695 - ET POLICY Windows 98 User-Agent Detected - Possible Malware or Non-Updated System (policy.rules)
  2007995 - ET MALWARE Vaccine-program.co.kr Related Spyware Checkin (malware.rules)
  2008415 - ET SCAN Cisco Torch IOS HTTP Scan (scan.rules)
  2008529 - ET SCAN Core-Project Scanning Bot UA Detected (scan.rules)
  2008754 - ET MALWARE Possible Rar'd Malware sent when remote host claims to send an Image (malware.rules)
  2008757 - ET MALWARE Zenosearch Malware Checkin HTTP POST (malware.rules)
  2008986 - ET POLICY Internal Host Retrieving External IP via whatismyip.com - Possible Infection (policy.rules)
  2009171 - ET CURRENT_EVENTS Psyb0t Bot Nick (current_events.rules)
  2010495 - ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt (web_client.rules)
  2011029 - ET SCAN Netsparker Default User-Agent (scan.rules)
  2011701 - ET P2P Bittorrent P2P Client User-Agent (Opera/10.x) (p2p.rules)
  2011703 - ET P2P Bittorrent P2P Client User-Agent (Enhanced CTorrent 3.x) (p2p.rules)
  2011708 - ET GAMES Blizzard Downloader Client User-Agent (Blizzard Downloader 2.x) (games.rules)
  2014161 - ET MOBILE_MALWARE Android/FakeTimer.A Reporting to CnC (mobile_malware.rules)


 [---]  Disabled and modified rules:  [---]

  2001678 - ET MALWARE Webhancer Agent Activity (malware.rules)


 [---]         Removed rules:         [---]

  2016507 - ET TROJAN W32/Caphaw Requesting Additional Modules From CnC (trojan.rules)


-- 

----------------------------------------------------
Matt Jonkman
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------