[Emerging-updates] Daily Ruleset Update Summary 09/17/2013

Will Metcalf wmetcalf at emergingthreatspro.com
Tue Sep 17 17:47:46 HADT 2013


[***]          Summary:          [***]

5 new Open rules. 16 new Pro rules. (5/11). Sweet Orange, CVE-2013-3893,
Gh0st Rat, etc.

[+++]          Added rules:          [+++]

  Open:
  2017476 - ET CURRENT_EVENTS DRIVEBY SweetOrange - Jave Exploit Downloaded
(current_events.rules)
  2017477 - ET WEB_CLIENT CVE-2013-3893 Possible IE Memory Corruption
Vulnerability with HXDS ASLR Bypass (web_client.rules)
  2017478 - ET WEB_CLIENT CVE-2013-3893 IE Memory Corruption Vulnerability
(web_client.rules)
  2017479 - ET WEB_CLIENT CVE-2013-3893 IE Memory Corruption Vulnerability
(web_client.rules)
  2017480 - ET WEB_CLIENT CVE-2013-3893 IE Memory Corruption Vulnerability
(web_client.rules)

  Pro:
  2807030 - ETPRO TROJAN TrojanDropper.Agent.axkq Response 1 (trojan.rules)
  2807031 - ETPRO TROJAN TrojanDropper.Agent.axkq Response 2 (trojan.rules)
  2807032 - ETPRO TROJAN Win32.Mudrop.rsj (trojan.rules)
  2807033 - ETPRO TROJAN Win32.BKDR_DELF.QBZ (trojan.rules)
  2807034 - ETPRO TROJAN Begseabug variant Checkin (trojan.rules)
  2807035 - ETPRO TROJAN Trojan.Win32.Delf Variant Checkin (trojan.rules)
  2807036 - ETPRO TROJAN Win32.Clicker.AFKJ (trojan.rules)
  2807037 - ETPRO TROJAN Trojan.Win32.Swisyn.auua Checkin (trojan.rules)
  2807038 - ETPRO TROJAN Win32/Genome.I Checkin (trojan.rules)
  2807039 - ETPRO TROJAN Win32/Agent.UPL Checkin (trojan.rules)
  2807040 - ETPRO MOBILE_MALWARE Andr/DroidRt-A Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  Open:
  2016922 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (trojan.rules)
  2017469 - ET CURRENT_EVENTS Possible SNET EK VBS Download
(current_events.rules)

  Pro:
  2804577 - ETPRO CURRENT_EVENTS TrojanDownloader.Win32/Waledac.C Checkin
(current_events.rules)
  2805004 - ETPRO TROJAN Trojan-Ransom.Win32.Rannoh.b Checkin (trojan.rules)
  2805304 - ETPRO TROJAN TrojanDropper.Agent.axkq Checkin (trojan.rules)


 [---]         Removed rules:         [---]

  2016962 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 2
(trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20130917/c3fb09a8/attachment.html>


More information about the Emerging-updates mailing list