[Emerging-updates] Daily Ruleset Update Summary 05/14/2014

Francis Trudeau ftrudeau at emergingthreats.net
Wed May 14 17:55:04 EDT 2014


 [***] Summary: [***]

 10 new Open signatures, 16 new Pro (10+6),  Various Android, Flashpack, Alina.

 Thanks:  vlintelligence,  Kevin Ross and Nathan Fowler.


 [+++]          Added rules:          [+++]

 Open:

  2018138 - ET MOBILE_MALWARE Android/FakeKakao checkin 1 (mobile_malware.rules)
  2018139 - ET MOBILE_MALWARE Android/FakeKakao checkin 2 (mobile_malware.rules)
  2018140 - ET MOBILE_MALWARE Android/FakeKakao checkin 3 (mobile_malware.rules)
  2018469 - ET CURRENT_EVENTS DRIVEBY FlashPack 2013-2551 May 13 2014
(current_events.rules)
  2018470 - ET CURRENT_EVENTS DRIVEBY FlashPack Flash Exploit
flash2013.php (current_events.rules)
  2018471 - ET CURRENT_EVENTS DRIVEBY FlashPack Flash Exploit
flash2014.php (current_events.rules)
  2018472 - ET CURRENT_EVENTS DRIVEBY FlashPack Plugin-Detect May 13
2014 (current_events.rules)
  2018473 - ET TROJAN W32/Alina.POS-Trojan CnC Beacon (trojan.rules)
  2018474 - ET TROJAN W32/HelloBridge.Backdoor Register CnC Beacon
(trojan.rules)
  2018475 - ET TROJAN W32/HelloBridge.Backdoor Login CnC Beacon (trojan.rules)

 Pro:

  2808042 - ETPRO TROJAN MSIL/PSW.Agent.NUM Checkin (trojan.rules)
  2808043 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ao /
Cardbuyer Checkin (mobile_malware.rules)
  2808044 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ao /
Cardbuyer Checkin 2 (mobile_malware.rules)
  2808045 - ETPRO MOBILE_MALWARE Android/AdDisplay.BatteryDoctor.A
Checkin (mobile_malware.rules)
  2808046 - ETPRO MOBILE_MALWARE Android/AdDisplay.BatteryDoctor.A
Checkin 2 (mobile_malware.rules)
  2808047 - ETPRO TROJAN Trojan.Win32.Agent.afaxi Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2011588 - ET TROJAN Zeus Bot Request to CnC (trojan.rules)
  2017813 - ET CURRENT_EVENTS Safe/CritX/FlashPack Payload
(current_events.rules)
  2017895 - ET CURRENT_EVENTS Kuluoz/Asprox Activity Dec 23 2013
(current_events.rules)
  2018440 - ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing May 05
2014 (current_events.rules)

 [---]         Removed rules:         [---]

  2018138 - ET TROJAN Android/FakeKakao checkin 1 (trojan.rules)
  2018139 - ET TROJAN Android/FakeKakao checkin 2 (trojan.rules)
  2018140 - ET TROJAN Android/FakeKakao checkin 3 (trojan.rules)


More information about the Emerging-updates mailing list