[Emerging-updates] Daily Ruleset Update Summary 10/11/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Fri Oct 11 14:07:21 HADT 2013


[***]          Added rules:          [***]

3 new Open rules, 5 new Pro (3/2). CryptoLocker, Cushion Redirect, Unkown
EK renamed to Angler. Thanks to Eoin Miller, @kafeine, Tom U.

[+++]          Added rules:          [+++]

  Open:
  2017582 - ET TROJAN CryptoLocker Ransomware check-in 2 (trojan.rules)
  2017583 - ET TROJAN CryptoLocker EXE Download (trojan.rules)
  2017584 - ET TROJAN CryptoLocker Ransomware check-in (trojan.rules)

 Pro:
  2807114 - ETPRO MALWARE Adware/W32.KrAdword.2215496 Checkin
(malware.rules)
  2807115 - ETPRO TROJAN Trojan.Ransom.ED User-Agent (trojan.rules)


 [///]     Modified active rules:     [///]

  Open:
  2016549 - ET CURRENT_EVENTS Base64 http argument in applet
(Neutrino/Angler) (current_events.rules)
  2017548 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 3
(trojan.rules)
  2017552 - ET CURRENT_EVENTS Cushion Redirection (current_events.rules)
  2017569 - ET CURRENT_EVENTS Angler EK Landing Page (current_events.rules)
  2017570 - ET CURRENT_EVENTS Angler EK Exploit Download
(current_events.rules)
  2017571 - ET CURRENT_EVENTS Angler EK Payload Download
(current_events.rules)

  Pro:
  2802015 - ETPRO TROJAN Cybergate/Rebhip/Spyrat Backdoor Keepalive
(trojan.rules)
  2804324 - ETPRO TROJAN Trojan-PSW.Win32.Ruftar.lon sending stolen data
via FTP (trojan.rules)
  2805406 - ETPRO TROJAN W32/DragonEye.C Checkin (trojan.rules)
  2807004 - ETPRO TROJAN Loadmoney.A Checkin 6 (trojan.rules)


 [---]         Removed rules:         [---]

  2803765 - ETPRO TROJAN Trojan-Downloader.Win32.Mufanom.vha DNS Tunnel
(trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20131011/55f33856/attachment.html>


More information about the Emerging-updates mailing list