[Emerging-updates] Daily Ruleset Update Summary 08/07/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Aug 7 17:20:01 EDT 2014


 [***]          Summary:          [***]

 3 new Open rules. 7 new Pro rules (3/4). Expiro, Vawtrak SSL, Malvertising
Redirect, STUN. Tks Nathan Fowler.

 [+++]          Added rules:          [+++]

  Open:
  2018908 - ET INFO Session Traversal Utilities for NAT (STUN Binding
Response) (info.rules)
  2018909 - ET CURRENT_EVENTS Malvertising Redirection to Exploit Kit Aug
07 2014 (current_events.rules)
  2018910 - ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL
certificate detected (Vawtrak MITM) (trojan.rules)

  Pro:
  2808519 - ETPRO TROJAN Win32/Expiro.DJ C2 traffic (trojan.rules)
  2808520 - ETPRO TROJAN Win32/Craq.A C2 traffic (trojan.rules)
  2808521 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Aples.a Checkin
(mobile_malware.rules)
  2808522 - ETPRO TROJAN Win32/Wysotot.G Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  Open:
  2018661 - ET TROJAN Win32/Zemot Config Download (trojan.rules)
  2018904 - ET INFO Session Traversal Utilities for NAT (STUN Binding
Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag false
change port flag false) (info.rules)
  2018905 - ET INFO Session Traversal Utilities for NAT (STUN Binding
Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag false
change port flag true) (info.rules)
  2018906 - ET INFO Session Traversal Utilities for NAT (STUN Binding
Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag true
change port flag false) (info.rules)
  2018907 - ET INFO Session Traversal Utilities for NAT (STUN Binding
Request obsolete rfc 3489 CHANGE-REQUEST attribute change IP flag true
change port flag true) (info.rules)

  Pro:
  2807585 - ETPRO TROJAN Win32/TrojanClicker.Agent.NUM Checkin
(trojan.rules)


 [---]  Disabled and modified rules:  [---]

  Open:
  2017168 - ET CURRENT_EVENTS FlimKit Landing 07/22/13
(current_events.rules)
  2017170 - ET CURRENT_EVENTS FlimKit Landing 07/22/13 3
(current_events.rules)
  2017171 - ET CURRENT_EVENTS FlimKit Landing 07/22/13 4
(current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140807/125ef192/attachment.html>


More information about the Emerging-updates mailing list