[Emerging-updates] Daily Ruleset Update Summary 09/11/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Wed Sep 11 13:22:25 HADT 2013


 [***]          Summary:          [***]

 6 new Open rules. 24 new Pro rules. (6/17). BHEK, FlimKit, Waledac, Vuln
Java 1.7, etc.

 [+++]          Added rules:          [+++]

  Open:
  2017451 - ET CURRENT_EVENTS FlimKit Landing Page (current_events.rules)
  2017452 - ET CURRENT_EVENTS Blackhole hex and wordlist initial landing
and exploit path (current_events.rules)
  2017453 - ET CURRENT_EVENTS DRIVEBY Redirection - Forum Injection
(current_events.rules)
  2017454 - ET CURRENT_EVENTS BlackHole EK Payload Download Sep 11 2013
 (current_events.rules)
  2017455 - ET TROJAN Waledac FACEPUNCH Traffic Detected (trojan.rules)
  2017456 - ET CURRENT_EVENTS BlackHole EK Variant PDF Download Sep 11 2013
 (current_events.rules)

  Pro:
  2806995 - ETPRO TROJAN Trojan.Win32.Swisyn.behb Checkin (trojan.rules)
  2806996 - ETPRO TROJAN Win32/Agent.PVY Checkin (trojan.rules)
  2806997 - ETPRO TROJAN Trojan-Dropper.Win32.FrauDrop.abcar Checkin
(trojan.rules)
  2806998 - ETPRO TROJAN RANSOM.WIN32.BLOCKER.BUOH Checkin (trojan.rules)
  2806999 - ETPRO TROJAN TrojanSpy.Win32/ProAgent.A Sending Info via SMTP 2
(trojan.rules)
  2807000 - ETPRO MALWARE Win32.Chir.B Checkin (malware.rules)
  2807001 - ETPRO TROJAN Win32/Valden.E Checkin (trojan.rules)
  2807002 - ETPRO TROJAN Worm.Win32.SendPass.a report via SMTP
(trojan.rules)
  2807003 - ETPRO TROJAN Loadmoney.A Checkin 5 (trojan.rules)
  2807004 - ETPRO TROJAN Loadmoney.A Checkin 6 (trojan.rules)
  2807005 - ETPRO TROJAN Trojan-PSW.Win32.VB.abv Checkin (trojan.rules)
  2807006 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Updtbot.b Checkin
(mobile_malware.rules)
  2807007 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Updtbot.b Checkin 2
(mobile_malware.rules)
  2807008 - ETPRO MOBILE_MALWARE Android/Adware.BatteryDoctor.E Checkin
(mobile_malware.rules)
  2807009 - ETPRO MOBILE_MALWARE Android/Adware.BatteryDoctor.E Checkin 2
(mobile_malware.rules)
  2807010 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.u Checkin 2
(mobile_malware.rules)
  2807011 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.u Checkin
(mobile_malware.rules)
  2807012 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.i Checkin 2
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2011712 - ET P2P Bittorrent P2P Client User-Agent (FDM 3.x) (p2p.rules)
  2014297 - ET POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
  2017181 - ET CURRENT_EVENTS Sibhost/FlimKit/Glazunov Jar with lowercase
class names (current_events.rules)

 [---]         Removed rules:         [---]

  2806320 - ETPRO TROJAN RegSubDat Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130911/46e924bd/attachment.html>


More information about the Emerging-updates mailing list