[Emerging-updates] Daily Ruleset Update Summary 05/05/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon May 5 17:02:36 EDT 2014


 [***] Summary: [***]

 7 new Open signatures, 12 new Pro (7+5).  Selfint, various lockers, Nuclear EK.

 Thanks:  Nathan Fowler and Kevin Ross.

 [+++]          Added rules:          [+++]

 Open:

  2018443 - ET TROJAN W32/Karagany.Downloader CnC Beacon (trojan.rules)
  2018447 - ET WEB_CLIENT Base64 Encoded Java Value (web_client.rules)
  2018448 - ET TROJAN selfint Checkin (trojan.rules)
  2018449 - ET TROJAN Potential Selfint C2 traffic (from server) (trojan.rules)
  2018450 - ET TROJAN Potential Selfint C2 traffic (from client) (trojan.rules)
  2018451 - ET CURRENT_EVENTS DRIVEBY Nuclear EK Landing May 05 2014
(current_events.rules)
  2018452 - ET TROJAN CryptoWall Check-in (trojan.rules)

 Pro:

  2808016 - ETPRO TROJAN Win32/FakeInit.A Checkin (trojan.rules)
  2808017 - ETPRO TROJAN Win32/Injector.BBHJ Checkin (trojan.rules)
  2808018 - ETPRO TROJAN Win32.LockScreen.BHI checkin (trojan.rules)
  2808019 - ETPRO TROJAN Win32.Ransomlock Checkin (trojan.rules)
  2808020 - ETPRO TROJAN Agent-AEMM Checkin Response (trojan.rules)


 [///]     Modified active rules:     [///]

  2018437 - ET TROJAN Trojan-Spy.Win32.Zbot.hmcm Checkin (trojan.rules)
  2807970 - ETPRO TROJAN Win32/Neurevt.A Checkin 3 (trojan.rules)


More information about the Emerging-updates mailing list