[Emerging-updates] Daily Ruleset Update Summary 11/04/2014

Francis Trudeau ftrudeau at emergingthreats.net
Tue Nov 4 19:06:01 EST 2014


 [***] Summary: [***]

 6 new open signatures, 12 new Pro (6+6).  Backoff variant,
AndroidOS.FakeInst, Joomla SQLi.

 Thanks:  @kafeine, Jake Warren

 [+++]          Added rules:          [+++]

 Open:

  2019636 - ET TROJAN Backoff Variant Checkin (trojan.rules)
  2019637 - ET TROJAN Shellshock Backdoor.Perl.Shellbot.F C2 (trojan.rules)
  2019638 - ET CURRENT_EVENTS Evil EK Redirector Cookie Nov 03 2014
(current_events.rules)
  2019639 - ET CURRENT_EVENTS Win32.Zbot.umpz SSL Cert Nov 4 2014
(current_events.rules)
  2019640 - ET TROJAN Sofacy DNS Lookup malwarecheck.info (trojan.rules)
  2019641 - ET TROJAN Sofacy HTTP Request malwarecheck.info (trojan.rules)

 Pro:

  2809119 - ETPRO WEB_SPECIFIC_APPS Joomla RD Download SQL Injection
Attempt (web_specific_apps.rules)
  2809120 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a
Checkin 6 (mobile_malware.rules)
  2809121 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a
Checkin 7 (mobile_malware.rules)
  2809122 - ETPRO MOBILE_MALWARE Android/Spy.SmsSpy.N Checkin
(mobile_malware.rules)
  2809123 - ETPRO TROJAN Backdoor.Win32.Waterspout.A Checkin (trojan.rules)
  2809124 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.aj
Checkin (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2806839 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.KR Checkin
(mobile_malware.rules)
  2807930 - ETPRO TROJAN Win32.Boaxxe Trojan Checkin (trojan.rules)


 [---]  Disabled and modified rules:  [---]

  2019629 - ET TROJAN AnubisNetworks Sinkhole TCP Connection (trojan.rules)
  2019632 - ET TROJAN AnubisNetworks Sinkhole UDP Connection (trojan.rules)


More information about the Emerging-updates mailing list