[Emerging-updates] Daily Ruleset Update Summary 11/26/2014

Francis Trudeau ftrudeau at emergingthreats.net
Wed Nov 26 17:40:13 EST 2014


 [***] Summary: [***]

 5 new Open rules, 8 new Pro (5 + 3).  Abuse.ch Malicious SSL
certificate, Win32/Notodar.

 Thanks:  @abuse_ch

 [+++]          Added rules:          [+++]

 Open:

  2019813 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Hesperbot CnC) (trojan.rules)
  2019814 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (KINS CnC) (trojan.rules)
  2019815 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (KINS CnC) (trojan.rules)
  2019818 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Dyre CnC) (trojan.rules)
  2019819 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Dyre CnC) (trojan.rules)

 Pro:

  2809248 - ETPRO WEB_SPECIFIC_APPS SP Client Document Manager WP
Plugin SQLi (web_specific_apps.rules)
  2809249 - ETPRO TROJAN Backdoor.MSIL.Soaphrish.A checkin (trojan.rules)
  2809251 - ETPRO TROJAN Win32/Notodar Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2013224 - ET POLICY Suspicious User-Agent Containing .exe (policy.rules)
  2014636 - ET TROJAN Backdoor.Win32/Poison.BI (trojan.rules)
  2016567 - ET TROJAN Win32/Urausy.C Checkin 2 (trojan.rules)
  2019798 - ET CURRENT_EVENTS Malicious Iframe Leading to EK
(current_events.rules)


 [---]         Removed rules:         [---]

  2017258 - ET CURRENT_EVENTS Fake FedEX/Pony spam campaign URI Struct
(current_events.rules)
  2804479 - ETPRO TROJAN Trojan.Win32.Generic Checkin (trojan.rules)


More information about the Emerging-updates mailing list