[Emerging-updates] Daily Ruleset Update Summary 06/12/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Thu Jun 12 17:41:31 EDT 2014


[+++]          Summary:          [+++]

2 new Open rules. 20 new Pro rules (2/18). Win32.Androm.dtrv etc. Various
Android, etc.

[+++]          Added rules:          [+++]

  Open:
  2018556 - ET CURRENT_EVENTS SUSPICIOUS EXE Download from Google Common Data Storage with no Referer (current_events.rules)
  2018557 - ET MALWARE PUP Win32.SoftPulse Checkin (malware.rules)

  Pro:
  2808165 - ETPRO TROJAN Win32/Injector.BCEU Checkin (trojan.rules)
  2808166 - ETPRO TROJAN TrojWare.Win32.Amtar.KNB Checkin 3 (trojan.rules)
  2808167 - ETPRO TROJAN Variant.Zusy.95263 Checkin (trojan.rules)
  2808168 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.C/SMSSend.BZ/SMSreg (mobile_malware.rules)
  2808169 - ETPRO TROJAN Connectivity Check/Trojan-Downloader.Win32.Genome (trojan.rules)
  2808170 - ETPRO TROJAN Win32.MereDrop Checkin (trojan.rules)
  2808171 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Fidall.a Checkin (mobile_malware.rules)
  2808172 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Acnetdoor.a Checkin (mobile_malware.rules)
  2808173 - ETPRO CURRENT_EVENTS Possible Win32/Zbot SSL Cert (current_events.rules)
  2808174 - ETPRO TROJAN Win32/Itsproc!gmb DLL Retrieval (trojan.rules)
  2808175 - ETPRO TROJAN Backdoor.DarkMoon C2 Activity (trojan.rules)
  2808176 - ETPRO TROJAN Backdoor.Win32.Androm.dtrv Checkin (trojan.rules)
  2808177 - ETPRO TROJAN Backdoor.Win32.Androm.dtrv Checkin Response (trojan.rules)
  2808178 - ETPRO MOBILE_MALWARE Android.Monitor.Spyera.A Checkin (mobile_malware.rules)
  2808179 - ETPRO MOBILE_MALWARE HackTool.AndroidOS.DroidSniff.a Checkin (mobile_malware.rules)
  2808180 - ETPRO MOBILE_MALWARE Android/Spy.Zitmo.B Checkin 4 (mobile_malware.rules)
  2808181 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg.CF Checkin (mobile_malware.rules)
  2808182 - ETPRO MOBILE_MALWARE Andr/SMSSend-J Checkin (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  Open:
  2002867 - ET WEB_SPECIFIC_APPS Horde 3.0.9-3.1.0 Help Viewer Remote PHP Exploit (web_specific_apps.rules)
  2010288 - ET TROJAN W32/Scar Downloader Request (trojan.rules)
  2013694 - ET MOBILE_MALWARE Android/Netisend.A Posting Information to CnC (mobile_malware.rules)
  2018496 - ET TROJAN Win32/Geodo Checkin (trojan.rules)

  Pro:
  2807476 - ETPRO TROJAN Win32/TrojanDownloader.Onkods.V Download (trojan.rules)
  2807970 - ETPRO TROJAN Win32/Neurevt.A Checkin 3 (trojan.rules)


 [---]         Removed rules:         [---]

  2009679 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 1 (web_specific_apps.rules)
  2009680 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 2 (web_specific_apps.rules)
  2009681 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 3 (web_specific_apps.rules)
  2009682 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 4 (web_specific_apps.rules)
  2009683 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 5 (web_specific_apps.rules)
  2009684 - ET WEB_SPECIFIC_APPS Phorum Possible Javascript/Remote-File-Inclusion 6 (web_specific_apps.rules)