[Emerging-updates] [Emerging-Sigs] Daily Ruleset Update Summary 06/20/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Fri Jun 20 17:02:42 EDT 2014


Additional thanks to @EKWatcher, Nathan Fowler, @malwaresigs

Regards,

Will


On Fri, Jun 20, 2014 at 3:57 PM, Francis Trudeau <
ftrudeau at emergingthreats.net> wrote:

>  [***] Summary: [***]
>
>  9 new Open rules, 10 new Pro (9+1).  Supermicro BMC vuln, Asprox,
> Safe/CritX/FlashPack EK CVE-2013-3918.
>
>  Thanks:  Jake Warren.
>
>
>  [+++]          Added rules:          [+++]
>
>  Open:
>
>   2018585 - ET EXPLOIT Supermicro BMC Password Disclosure 1 (exploit.rules)
>   2018586 - ET EXPLOIT Supermicro BMC Password Disclosure 2 (exploit.rules)
>   2018587 - ET EXPLOIT Supermicro BMC Password Disclosure 3 (exploit.rules)
>   2018588 - ET EXPLOIT Supermicro BMC Password Disclosure 4 (exploit.rules)
>   2018589 - ET CURRENT_EVENTS Possible ASPROX Download URI Struct June 19
> 2014 (current_events.rules)
>   2018590 - ET MALWARE Adware.MultiInstaller checkin 2 (malware.rules)
>   2018591 - ET CURRENT_EVENTS Trojan-Banker.JS.Banker fraudulent redirect
> boleto payment code (current_events.rules)
>   2018592 - ET CURRENT_EVENTS Multiple EKs CVE-2013-3918
> (current_events.rules)
>   2018593 - ET CURRENT_EVENTS Safe/CritX/FlashPack EK CVE-2013-3918
> (current_events.rules)
>
>  Pro:
>
>   2808217 - ETPRO MOBILE_MALWARE Teap.A Checkin (mobile_malware.rules)
>
>
>  [///]     Modified active rules:     [///]
>
>   2014297 - ET POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
>   2017315 - ET TROJAN DDoS.Win32.Agent.bay Covert Channel (VERSONEX and
> Mr.Black) (trojan.rules)
>   2018053 - ET CURRENT_EVENTS Malicious Redirect 8x8 script tag
> (current_events.rules)
>   2806928 - ETPRO TROJAN Win32.Qhost.ahyc Checkin (trojan.rules)
>   2807097 - ETPRO TROJAN Dropper.Win32.Dapato.dcsh CnC keep-alive
> (trojan.rules)
>   2807362 - ETPRO TROJAN SPY.KeyLogger.N Checkin (trojan.rules)
>
>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at lists.emergingthreats.net
> https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
> Support Emerging Threats! Subscribe to Emerging Threats Pro
> http://www.emergingthreats.net
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140620/3f2396e2/attachment.html>


More information about the Emerging-updates mailing list