[Emerging-updates] Daily Ruleset Update Summary 06/06/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Jun 6 14:16:18 HADT 2013


[***]          Summary:          [***]

1 new Open. 7 new Pro (1/7) .exe download from /tmp/ directory etc.

[+++]          Added rules:          [+++]

  Open:
  2016985 - ET INFO Executable Served From /tmp/ Directory - Malware Hosting Behaviour (info.rules) Kevin Ross.

  Pro:
  2806459 - ETPRO TROJAN Win32.Sality-GR Checkin (trojan.rules)
  2806460 - ETPRO TROJAN Trojan-GameThief.Win32.Ganhame.cl checkin (trojan.rules)
  2806461 - ETPRO MALWARE User-Agent (RazorCrypter) (malware.rules)
  2806465 - ETPRO TROJAN Downloader-SYR checkin (trojan.rules)
  2806466 - ETPRO TROJAN Trojan.GenericKD.1011510 checkin (trojan.rules)
  2806467 - ETPRO TROJAN Win32.Dnschanger.L Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  Open:
  2016763 - ET CURRENT_EVENTS Non-Malicious SSH/SSL Scanner on the run (current_events.rules)
  2016821 - ET TROJAN DEEP PANDA Checkin 3 (trojan.rules)
  2016968 - ET TROJAN Win32/Travnet.A Checkin (trojan.rules)

  Pro:
  2805087 - ETPRO TROJAN W32/MoonLight.worm User-Agent (HellSpawn) (trojan.rules)
  2805272 - ETPRO TROJAN Win32/Dokstormac.B Checkin (trojan.rules)
  2806320 - ETPRO TROJAN RegSubDat Checkin (trojan.rules)


 [---]         Disabled rules:        [---]

 100000892 - GPL VOIP Q.931 Invalid Call Reference Length Buffer Overflow (voip.rules)