[Emerging-updates] Daily Ruleset Update Summary 05/30/2014

Will Metcalf wmetcalf at emergingthreatspro.com
Fri May 30 19:50:41 EDT 2014


 [***] Summary: [***]

4 new Open rule, 12 new Pro (4+8). Angler, Sality, etc. Thanks to tdzmont,
@EKwatcher.

 [+++]          Added rules:          [+++]

  Open:
  2018508 - ET TROJAN Sality gtalk connectivity check (trojan.rules)
  2018509 - ET CURRENT_EVENTS Angler EK encrypted binary (5)
(current_events.rules)
  2018510 - ET CURRENT_EVENTS Angler EK encrypted binary (6)
(current_events.rules)
  2018511 - ET CURRENT_EVENTS Angler EK encrypted binary (7)
(current_events.rules)

  Pro:
  2808097 - ETPRO MALWARE Win32/Bundlore.D Checkin 2 (malware.rules)
  2808098 - ETPRO TROJAN Trojan-Downloader.Win32.Small.ago Checkin
(trojan.rules)
  2808099 - ETPRO TROJAN qq.com C2 - SET (trojan.rules)
  2808100 - ETPRO TROJAN qq.com C2 response (trojan.rules)
  2808101 - ETPRO MOBILE_MALWARE Android/UUPAY.B Checkin
(mobile_malware.rules)
  2808102 - ETPRO MOBILE_MALWARE Android/Uten.A Checkin
(mobile_malware.rules)
  2808103 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Vsas.a Checkin
(mobile_malware.rules)
  2808104 - ETPRO TROJAN Win32/HiddenStart.B Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2018403 - ET TROJAN GENERIC Zbot Based Loader (trojan.rules)
  2018497 - ET CURRENT_EVENTS Angler EK SilverLight Payload Request - May
2014 (current_events.rules)


 [---]         Removed rules:         [---]

  2018424 - ET TROJAN W32/MadnessPro.DDOSBot CnC Beacon (trojan.rules)
  2018437 - ET TROJAN Trojan-Spy.Win32.Zbot.hmcm Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20140530/85864e39/attachment.html>


More information about the Emerging-updates mailing list