[Emerging-updates] Daily Ruleset Update Summary 01/09/2014

Francis Trudeau ftrudeau at emergingthreats.net
Thu Jan 9 13:09:00 HAST 2014


 [***] Summary: [***]

 8 new pro rules, 3 new open (5/3).  FOCA, Kazy Genome, LDPinch, Rincux.

 [+++]          Added rules:          [+++]

 Pro:

  2807454 - ETPRO TROJAN Rincux Checkin (trojan.rules)
  2807455 - ETPRO TROJAN Win32/PSW.Delf.OIL Checkin (trojan.rules)
  2807456 - ETPRO TROJAN Variant.Kazy.199307 Checkin (trojan.rules)
  2807457 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.fjtg Checkin
(trojan.rules)
  2807458 - ETPRO TROJAN Trojan/Downloader.Agent.gxth Checkin (trojan.rules)

 Open:

  2017948 - ET TROJAN LDPinch Checkin Post (trojan.rules)
  2017949 - ET USER_AGENTS FOCA User-Agent (user_agents.rules)
  2017950 - ET SCAN FOCA uri (scan.rules)


 [///]     Modified active rules:     [///]

  2007862 - ET TROJAN LDPinch Checkin (3) (trojan.rules)
  2017944 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 14
(trojan.rules)
  2017947 - ET CURRENT_EVENTS Possible Styx Kein Landing URI Struct
(current_events.rules)
  2807344 - ETPRO TROJAN Win32/Uosproy.A Checkin 2 (trojan.rules)
  2807345 - ETPRO TROJAN Win32/Uosproy.A Checkin 3 (trojan.rules)


 [---]         Removed rules:         [---]

  2002812 - ET TROJAN PWS-LDPinch Reporting User Activity (trojan.rules)
  2006385 - ET TROJAN PWS-LDPinch posting data (trojan.rules)
  2007756 - ET TROJAN PWS-LDPinch posting data (2) (trojan.rules)
  2007828 - ET TROJAN LDPinch Checkin (2) (trojan.rules)
  2008061 - ET TROJAN LDPinch Checkin (4) (trojan.rules)
  2008091 - ET TROJAN LDPinch Checkin (8) (trojan.rules)
  2008213 - ET TROJAN LDPinch Checkin (9) (trojan.rules)
  2008354 - ET TROJAN LDPinch Checkin on Port 82 (trojan.rules)
  2008469 - ET TROJAN LDPinch Checkin v2 (trojan.rules)
  2013994 - ET TROJAN LDPinch Loader Binary Request (trojan.rules)
  2014015 - ET TROJAN TROJAN LDPinch Loader Binary Request (trojan.rules)
  2805071 - ETPRO TROJAN Trojan-PSW.Win32.LdPinch.dis checkin (trojan.rules)
  2807407 - ETPRO MALWARE Adware.Data.Flurry Checkin (malware.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140109/c2b84f55/attachment.html>


More information about the Emerging-updates mailing list