[Emerging-updates] Daily Ruleset Update Summary 10/31/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Oct 31 16:51:55 HADT 2013


 [***]          Summary:          [***]

 3 new Open rules. 9 new Pro rules (3/6). Sweet Orange, SofosFO, etc.
Thanks to @EKwatcher, all.

 [+++]          Added rules:          [+++]

  Open:
  2017648 - ET CURRENT_EVENTS Possible Sweet Orange payload Request (current_events.rules)
  2017649 - ET CURRENT_EVENTS Sweet Orange encrypted payload (current_events.rules)
  2017650 - ET CURRENT_EVENTS SofosFO/Grandsoft Plugin-Detect (current_events.rules)

  Pro:
  2807160 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.qgxi Checkin (trojan.rules)
  2807161 - ETPRO TROJAN Win32/Autorun.ZM Checkin (trojan.rules)
  2807162 - ETPRO TROJAN Trojan.Generic.1908467 Checkin (trojan.rules)
  2807163 - ETPRO MALWARE Adware/AccesMembre Checkin (malware.rules)
  2807164 - ETPRO TROJAN W32/Sluegot.B!tr Checkin (trojan.rules)
  2807165 - ETPRO TROJAN Win32/Mund.B / Trojan-Dropper.Win32.Parc.oa Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2010565 - ET TROJAN Bebloh C&C HTTP POST (trojan.rules)
  2014266 - ET TROJAN Trojan.Win32.NfLog Checkin (TTip) (trojan.rules)
  2017642 - ET TROJAN Linux/Ssemgrvd sshd Backdoor HTTP CNC 1 (trojan.rules)
  2017643 - ET TROJAN Linux/Ssemgrvd sshd Backdoor HTTP CNC 2 (trojan.rules)


 [---]  Disabled and modified rules:  [---]

  2016730 - ET CURRENT_EVENTS Blackhole/Cool plugindetect in octal (current_events.rules)