[Emerging-updates] Daily Ruleset Update Summary 03/03/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon Mar 3 15:27:13 HAST 2014


 [***] Summary: [***]

 7 new Open rules, 11 new Pro.  GameThief, Matsnu, log4jAdmin, GingerMaster.

 Thanks:  Kevin Ross, @c_APT_ure, Nathan Fowler, Eoin Miller.

 [+++]          Added rules:          [+++]

 Open:

  2018198 - ET TROJAN Win32/Kryptik.BSYO Checkin 2 (trojan.rules)
  2018200 - ET TROJAN Win32/Matsnu.L Checkin (trojan.rules)
  2018201 - ET TROJAN Downloader.Win32.Geral Checkin (trojan.rules)
  2018202 - ET WEB_SERVER log4jAdmin access from non-local network (can
modify logging levels) (web_server.rules)
  2018203 - ET WEB_SERVER log4jAdmin access from non-local network Page
Body (can modify logging levels) (web_server.rules)
  2018204 - ET TROJAN W32/Qakbot.Bot Version 8 CnC Beacon (trojan.rules)
  2018205 - ET TROJAN Win32/Kryptik.BSYO Checkin (trojan.rules)

Pro:

  2807756 - ETPRO TROJAN Backdoor.Win32.SdBot CnC at IRC Channel
(trojan.rules)
  2807757 - ETPRO TROJAN PSW.Win32.QQRob.bjp Checkin (trojan.rules)
  2807758 - ETPRO TROJAN GameThief.Win32.OnLineGames.aqv User-Agent
(My_Agenter) (trojan.rules)
  2807759 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.GingerMaster.a Checkin 5
(mobile_malware.rules)


 [///]     Modified active rules:     [///]


  2805537 - ETPRO TROJAN Trojan.Win32.Yakes.azpf Checkin 1 (trojan.rules)
  2805538 - ETPRO TROJAN Trojan.Win32.Yakes.azpf Checkin 2 (trojan.rules)
  2806220 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.JY Checkin
(mobile_malware.rules)
  2807328 - ETPRO MALWARE InstallBrain checkin (malware.rules)
  2807550 - ETPRO TROJAN DDoS.Win32/Nitol.B Checkin 3 (trojan.rules)
  2807673 - ETPRO TROJAN Trojan-Downloader.Win32.Boltolog.pfv Checkin
(trojan.rules)


 [---]         Removed rules:         [---]

  2807502 - ETPRO TROJAN Win32/Kryptik.BSYO Checkin (trojan.rules)
  2807508 - ETPRO TROJAN Win32/Kryptik.BSYO Checkin 2 (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140303/ed8869a4/attachment.html>


More information about the Emerging-updates mailing list