[Emerging-updates] Daily Ruleset Update Summary 06/25/2014

Francis Trudeau ftrudeau at emergingthreats.net
Wed Jun 25 20:03:36 EDT 2014


 [***] Summary: [***]

 3 new Open signatures, 10 new Pro (3+7).  CVE-2014-0521, Zbot,
TimThumb RCE, Safe/CritX/FlashPack EK.

 Thanks:  Nathan Fowler and @EKwatcher

 [+++]          Added rules:          [+++]

 Open:

  2018605 - ET WEB_SPECIFIC_APPS TimThumb Remote Command Execution (web_specific_apps.rules)
  2018606 - ET CURRENT_EVENTS Safe/CritX/FlashPack EK Secondary Landing June 25 2014 (current_events.rules)
  2018607 - ET WEB_SERVER PHP Crawler (web_server.rules)

 Pro:

  2808226 - ETPRO TROJAN Trojan/Win32.Zbot Covert Channel port 53 (trojan.rules)
  2808227 - ETPRO TROJAN Trojan-Dropper.Win32.Daws.cgrk Checkin (trojan.rules)
  2808228 - ETPRO TROJAN Backdoor.Win32.Mokes Checkin (trojan.rules)
  2808229 - ETPRO TROJAN Win32/Miracovecz Download Request (trojan.rules)
  2808230 - ETPRO TROJAN Win32/Miracovecz Download Payload (trojan.rules)
  2808231 - ETPRO WEB_CLIENT Possible Acrobat Reader Privilaged API Acess CVE-2014-0521 (web_client.rules)
  2808232 - ETPRO MOBILE_MALWARE AndroidOS.Gongfu.C Checkin (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2009028 - ET MALWARE 404 Response with an EXE Attached - Likely Malware Drop (malware.rules)
  2804255 - ETPRO TROJAN Backdoor.Win32/Jukbot.B Checkin (trojan.rules)
  2805819 - ETPRO TROJAN W32/Daws.AKWI!tr Checkin (trojan.rules)
  2807496 - ETPRO TROJAN Trojan/Win32.Zbot Covert Channel port 53 - SET (trojan.rules)
  2808188 - ETPRO TROJAN Win32/Kotan suspicious User-Agent .exe (trojan.rules)
  2808192 - ETPRO TROJAN Win32/Boda Checkin (trojan.rules)
  2808208 - ETPRO CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June 18, 2014 2 (current_events.rules)


 [---]         Removed rules:         [---]

  2018151 - ET TROJAN W32/Azbreg.Backdoor CnC Beacon (trojan.rules)
  2805901 - ETPRO MOBILE_MALWARE AndroidOS.Gongfu.C Checkin (mobile_malware.rules)

