[Emerging-updates] Daily Ruleset Update Summary 06/27/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon Jun 30 19:11:29 EDT 2014


 [***] Summary: [***]

 3 new Open Signatures, 7 new Pro (3+4).  Win32/Sharik, Spy.Banker.

 [+++]          Added rules:          [+++]

 Open:

  2018614 - ET TROJAN Win32/Sharik Checkin (trojan.rules)
  2018615 - ET TROJAN Win32/Sharik C2 Incoming Traffic (trojan.rules)
  2018616 - ET TROJAN Win32/Sharik C2 Incoming Crafted Request (trojan.rules)

 Pro:

  2808249 - ETPRO TROJAN Win32/Gablrub Checkin (trojan.rules)
  2808250 - ETPRO TROJAN Win32.Dorgam.qze Checkin 3 (trojan.rules)
  2808251 - ETPRO TROJAN Win32/Spy.Banker.AAYY CnC (OUTBOUND) (trojan.rules)
  2808252 - ETPRO TROJAN W32.Injector.13824.C config update pull (trojan.rules)


 [///]     Modified active rules:     [///]

  2003606 - ET MALWARE Alexa Spyware Reporting URL Visited (malware.rules)
  2808208 - ETPRO CURRENT_EVENTS Safe/Critx/FlashPack URI Struct June
18, 2014 2 (current_events.rules)


 [---]  Disabled and modified rules:  [---]

  2016059 - ET CURRENT_EVENTS CoolEK - Old PDF Exploit - Dec 18 2012
(current_events.rules)


 [---]         Removed rules:         [---]

  2002166 - ET MALWARE Alexa Search Toolbar User-Agent (Alexa Toolbar)
(malware.rules)
  2801101 - ETPRO SCADA PROSOFT Response Packet with data found (scada.rules)
  2801102 - ETPRO SCADA PROSOFT (Event 15) Station Number Error (scada.rules)
  2801156 - ETPRO SCADA SCHWEITZER Response Packet with data found (scada.rules)
  2801157 - ETPRO SCADA SCHWEITZER (Event 15) Station Number Error (scada.rules)


More information about the Emerging-updates mailing list