[Emerging-updates] Malvertising Realted EK sigs (Weekend Update)

Will Metcalf wmetcalf at emergingthreatspro.com
Sat Aug 23 15:38:03 EDT 2014


[***]          Summary:          [***]

@malware_traffic Did a write-up on updates to  a malvertising related EK
that @malwaresigs spotted in Oct 2013.

http://malware-traffic-analysis.net/2014/08/22/index2.html

We pushed out some rules to detect the updated version.
[+++]          Added rules:          [+++]

  2018988 - ET CURRENT_EVENTS Unknown Malvertising EK Landing Aug 22 2014
(current_events.rules)
  2018989 - ET CURRENT_EVENTS Unknown Malvertising EK Landing URI Sruct Aug
22 2014 (current_events.rules)
  2018990 - ET CURRENT_EVENTS Unknown Malvertising EK Payload URI Sruct Aug
22 2014 (current_events.rules)
  2018991 - ET CURRENT_EVENTS Unknown Malvertising EK Silverlight URI Sruct
Aug 22 2014 (current_events.rules)
  2018992 - ET CURRENT_EVENTS Unknown Malvertising EK Flash URI Sruct Aug
22 2014 (current_events.rules)
  2018993 - ET CURRENT_EVENTS Unknown Malvertising EK Payload URI Sruct Aug
22 2014 (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140823/99d6f23e/attachment.html>


More information about the Emerging-updates mailing list