[Emerging-updates] Daily Ruleset Update Summary 11/10/2014

Francis Trudeau ftrudeau at emergingthreats.net
Mon Nov 10 19:37:21 EST 2014


 [***] Summary: [***]

 4 new Open signatures, 10 new Pro (4+6).  Belkin N750 vuln,
Darkhotel, Various Android.

 Thanks:  Nathan Fowler, Kevin Ross, @kafeine, @c_APT_ure.

 [+++]          Added rules:          [+++]

 Open:

  2019686 - ET EXPLOIT Belkin N750 Buffer Overflow Attempt (exploit.rules)
  2019687 - ET TROJAN Win32/Roficor.A (Darkhotel) Checkin 1 (trojan.rules)
  2019688 - ET TROJAN Win32/Roficor.A (Darkhotel) Checkin 2 (trojan.rules)
  2019690 - ET CURRENT_EVENTS Archie EK Landing Nov 10 2014 (current_events.rules)

 Pro:

  2809133 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Seldor.d Checkin (mobile_malware.rules)
  2809135 - ETPRO POLICY Win32/InstallIQ.A Checkin 2 (policy.rules)
  2809136 - ETPRO MALWARE PUP BubbleDock.A Checkin 2 (malware.rules)
  2809137 - ETPRO TROJAN Win32/GameHack.RU Checkin via SQL (trojan.rules)
  2809138 - ETPRO MOBILE_MALWARE AndroidOS/FakeMarket.A Checkin (mobile_malware.rules)
  2809139 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.cr Checkin (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2017656 - ET TROJAN W32/InstallMonster.Downloader Checkin (trojan.rules)
  2018998 - ET CURRENT_EVENTS Archie EK Landing Aug 24 2014 (current_events.rules)
  2019358 - ET CURRENT_EVENTS Nuclear EK Payload URI Struct Oct 5 2014 (no alert) (current_events.rules)


 [---]         Removed rules:         [---]

  2011401 - ET TROJAN Yoyo-DDoS Bot Unknown Command From CnC Server (trojan.rules)

