[Emerging-updates] Daily Ruleset Update Summary 11/21/2014

Francis Trudeau ftrudeau at emergingthreats.net
Fri Nov 21 19:00:32 EST 2014


 [***] Summary: [***]

 7 new Open signatures, 14 new Pro (7 + 7).  Archie EK, Hikvision DVR
Vulnerability, FlashPack.

 [+++]          Added rules:          [+++]

 Open:

  2019765 - ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF (current_events.rules)
  2019766 - ET CURRENT_EVENTS FlashPack Flash Exploit Nov 20 2014
(current_events.rules)
  2019767 - ET TROJAN Rogue.Win32/FakePAV Checkin (trojan.rules)
  2019768 - ET CURRENT_EVENTS Archie EK T2 PD Struct Nov 20 2014
(current_events.rules)
  2019769 - ET CURRENT_EVENTS Archie EK T2 Landing Struct Nov 20 2014
(current_events.rules)
  2019770 - ET CURRENT_EVENTS Archie EK T2 SWF Exploit Struct Nov 20
2014 (current_events.rules)
  2019771 - ET TROJAN W32/AntiBreach Possible Activation Attempt (trojan.rules)

 Pro:

  2809228 - ETPRO WEB_CLIENT IE Memory Corruption Vulnerability
CVE-2014-6348 (web_client.rules)
  2809229 - ETPRO MALWARE PUP Linkey.A Checkin (malware.rules)
  2809230 - ETPRO EXPLOIT Hikvision DVR Buffer Overflow Exploit
Attempt CVE-2014-4878 (exploit.rules)
  2809231 - ETPRO EXPLOIT Hikvision DVR Buffer Overflow Exploit
Attempt CVE-2014-4879 (exploit.rules)
  2809232 - ETPRO EXPLOIT Hikvision DVR Buffer Overflow Exploit
Attempt CVE-2014-4880 (exploit.rules)
  2809233 - ETPRO WEB_SPECIFIC_APPS CM Download Manager WP Plugin Code
Injection (web_specific_apps.rules)
  2809234 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.FakePrin.a Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2808199 - ETPRO MOBILE_MALWARE Android.Trojan.FakeInst.DZ Checkin
(mobile_malware.rules)


More information about the Emerging-updates mailing list