[Emerging-updates] Daily Ruleset Update Summary 10/30/2013

Matt Jonkman jonkman at emergingthreats.net
Wed Oct 30 09:42:20 HADT 2013


6 new Open rules, 9 new Pro rules (6/3).

The sshd backdoor sigs are important ones, recommend updating soon. Great
thanks to Kyle at Lastline for those!


 [+++]          Added rules:          [+++]

Open:
  2017642 - ET TROJAN Linux/Ssemgrvd sshd Backdoor HTTP CNC 1 (trojan.rules)
  2017643 - ET TROJAN Linux/Ssemgrvd sshd Backdoor HTTP CNC 2 (trojan.rules)
  2017644 - ET CURRENT_EVENTS Host Domain .bit (current_events.rules)
  2017645 - ET CURRENT_EVENTS DNS Query Domain .bit (current_events.rules)
  2017646 - ET TROJAN possible TRAT proxy component user agent detected
(trojan.rules)
  2017647 - ET TROJAN FakeAV Install (trojan.rules)

Pro:
  2807157 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
CVE-2013-3845 2 (web_client.rules)
  2807158 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.brxp Download
(trojan.rules)
  2807159 - ETPRO TROJAN Win32/SystemHijack.gen Checkin (trojan.rules)

 [---]         Removed rules:         [---]

  2001318 - ET MALWARE Adwave Agent Access (malware.rules)

-- 

----------------------------------------------------
Matt Jonkman
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20131030/208bd03b/attachment.html>


More information about the Emerging-updates mailing list