[Emerging-updates] Daily Ruleset Update Summary 05/01/2014

Francis Trudeau ftrudeau at emergingthreats.net
Thu May 1 18:48:25 EDT 2014


 [***] Summary: [***]

 2 new Open signatures, 7 new Pro (2+5).  Various AndroidOS, vpnoverdns.


 [+++]          Added rules:          [+++]

 Open:

  2018437 - ET TROJAN Trojan-Spy.Win32.Zbot.hmcm Checkin (trojan.rules)
  2018438 - ET DNS DNS Query for vpnoverdns - indicates DNS tunnelling
(dns.rules)

 Pro:

  2808006 - ETPRO MOBILE_MALWARE Android/MobileSpy.C!mfb Checkin
(mobile_malware.rules)
  2808007 - ETPRO MOBILE_MALWARE Android/DroidRooter.B Checkin
(mobile_malware.rules)
  2808008 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Ackposts.a Checkin
(mobile_malware.rules)
  2808009 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.SmBox.a Checkin
(mobile_malware.rules)
  2808010 - ETPRO MALWARE Win32.Boaxxe.BL windowsupdate connectivity
check (malware.rules)


 [///]     Modified active rules:     [///]

  2017598 - ET TROJAN Possible Kelihos.F EXE Download Common Structure
(trojan.rules)
  2018403 - ET TROJAN GENERIC Zbot Based Loader (trojan.rules)


 [---]         Removed rules:         [---]

  2805950 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.hmcm Checkin (trojan.rules)
  2808001 - ETPRO MALWARE Win32.Waledac.AJ binary download 1 (malware.rules)
  2808002 - ETPRO MALWARE Win32.Waledac.AJ binary download 2 (malware.rules)


More information about the Emerging-updates mailing list