[Emerging-updates] Daily Ruleset Update Summary 11/19/2014

Francis Trudeau ftrudeau at emergingthreats.net
Wed Nov 19 18:38:26 EST 2014


 [***] Summary: [***]

 3 new Open signatures, 12 new Pro (3 + 9).  Galaxy Knox RCE,
Qhost.Banker, SmsSpy.FS.

 Thanks:  Jake Warren, Russell Fulton, @rmkml and @kafeine

 [+++]          Added rules:          [+++]

 Open:

  2019746 - ET POLICY Bitmessage Activity (policy.rules)
  2019747 - ET TROJAN ELF_BASHLITE.SMB Dropping Files (trojan.rules)
  2019750 - ET WEB_CLIENT Samsung Galaxy Knox Android Browser RCE smdm attempt (web_client.rules)

 Pro:

  2809215 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Binv.a Checkin (mobile_malware.rules)
  2809216 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.FS Checkin (mobile_malware.rules)
  2809217 - ETPRO TROJAN Win32/Filecoder.DG Checkin (trojan.rules)
  2809218 - ETPRO MALWARE PUP Win32/AdWare.Loadshop Checkin (malware.rules)
  2809219 - ETPRO TROJAN Win32/Qhost.Banker.PB Checkin - SET (trojan.rules)
  2809220 - ETPRO TROJAN Win32/Qhost.Banker.PB Checkin (trojan.rules)
  2809221 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.SilTracker.a Checkin (mobile_malware.rules)
  2809222 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.b Checkin (mobile_malware.rules)
  2809223 - ETPRO TROJAN Win32/TrojanDownloader.Autoit.NVF Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2018448 - ET TROJAN Sefnit Checkin (trojan.rules)
  2018449 - ET TROJAN Potential Sefint C2 traffic (from server) (trojan.rules)
  2019743 - ET CURRENT_EVENTS SPL2 EK PluginDetect Data Hash Nov 18 2014 (current_events.rules)

