[Emerging-updates] Daily Ruleset Update Summary 03/05/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Wed Mar 5 14:51:30 HAST 2014


We forgot to say thank you today.  Thanks to @EKwatcher and @rmkml.

Regards,

Will


On Wed, Mar 5, 2014 at 6:26 PM, Francis Trudeau <
ftrudeau at emergingthreats.net> wrote:

>  [***] Summary: [***]
>
>  2 new open, 11 new Pro (2/9).  Fiesta, Neutrino, Various Android, Nitol.
>
>  [+++]          Added rules:          [+++]
>
>  Open:
>
>   2018225 - ET CURRENT_EVENTS Possible Fiesta Jar with four-letter class
> names (current_events.rules)
>   2018226 - ET CURRENT_EVENTS Possible Neutrino/Fiesta SilverLight Exploit
> March 05 2014 DLL Naming Convention (current_events.rules)
>
>  Pro:
>
>   2807767 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg. DE Checkin
> (mobile_malware.rules)
>   2807768 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg. DE Checkin 2
> (mobile_malware.rules)
>   2807769 - ETPRO TROJAN DDoS.Win32/Nitol.D Checkin (Intel) (trojan.rules)
>   2807770 - ETPRO TROJAN DDoS.Win32/Nitol.D Checkin (AMD) (trojan.rules)
>   2807771 - ETPRO TROJAN Win32/Kuluoz.D Checkin (trojan.rules)
>   2807772 - ETPRO TROJAN Win32/Neglemir.A Checkin (trojan.rules)
>   2807773 - ETPRO TROJAN Win32/Neglemir.A CnC (trojan.rules)
>   2807774 - ETPRO TROJAN Trojan.Win32.Siggen Downloader (trojan.rules)
>   2807775 - ETPRO TROJAN Win32/Injector.gen!ER Checkin (trojan.rules)
>
>
>  [///]     Modified active rules:     [///]
>
>   2016499 - ET CURRENT_EVENTS Styx Exploit Kit Payload Download
> (current_events.rules)
>   2018210 - ET POLICY W32/Installiq.Adware Install Information Beacon
> (policy.rules)
>   2018223 - ET CURRENT_EVENTS SWF filename used in IE 2014-0322 Watering
> Hole Attacks (current_events.rules)
>   2806651 - ETPRO MOBILE_MALWARE Android/Spy.Agent.I Checkin
> (mobile_malware.rules)
>
>
> _______________________________________________
> Emerging-updates mailing list
> Emerging-updates at lists.emergingthreats.net
> https://lists.emergingthreats.net/mailman/listinfo/emerging-updates
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140305/c7696323/attachment.html>


More information about the Emerging-updates mailing list