[Emerging-updates] Daily Ruleset Update Summary 2015/01/08

Francis Trudeau ftrudeau at emergingthreats.net
Thu Jan 8 20:53:19 EST 2015


 [***] Summary: [***]

 1 new Open signature, 12 new Pro (1 + 11).  Vawtrak/NeverQuest,
Brontok.n, Fsysna.bani.

 Thanks:  @EKWatcher.

 [+++]          Added rules:          [+++]

 Open:

  2020158 - ET TROJAN Mini/Cosmic Duke variant FTP upload (trojan.rules)

 Pro:

  2809458 - ETPRO TROJAN Backdoor.Locobad.B Checkin (trojan.rules)
  2809459 - ETPRO MOBILE_MALWARE Android/Adware.AirPush.J Checkin
(mobile_malware.rules)
  2809460 - ETPRO TROJAN Win32.Fsysna.bani CnC Beacon GET (trojan.rules)
  2809461 - ETPRO TROJAN Win32.Fsysna.bani CnC Beacon POST (trojan.rules)
  2809462 - ETPRO TROJAN Win32.Fsysna.bani CnC Beacon Response (trojan.rules)
  2809463 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Svpeng.c
Checkin (mobile_malware.rules)
  2809464 - ETPRO TROJAN Vawtrak/NeverQuest Posting Data (trojan.rules)
  2809465 - ETPRO TROJAN Vawtrak/NeverQuest Posting Data (trojan.rules)
  2809466 - ETPRO WEB_SPECIFIC_APPS Pandora FMS Authentication Bypass
Attempt (web_specific_apps.rules)
  2809467 - ETPRO WEB_SPECIFIC_APPS Sefrengo CMS 1.6.0 SQLi Attempt
(web_specific_apps.rules)
  2809468 - ETPRO TROJAN Email-Worm.Win32.Brontok.n Checkin 2 (trojan.rules)


 [///]     Modified active rules:     [///]

  2018752 - ET TROJAN Generic .bin download from Dotted Quad (trojan.rules)
  2020148 - ET CURRENT_EVENTS MS Office Macro Dridex Download URI Jan
7 2015 (current_events.rules)
  2808272 - ETPRO TROJAN MiniDuke variant FTP upload (trojan.rules)
  2808927 - ETPRO TROJAN Trojan/Banker.Agent.bof Checkin 2 (trojan.rules)


 [---]         Removed rules:         [---]

  2804925 - ETPRO TROJAN Trojan/Banker.Agent.bof Checkin (trojan.rules)
  2805006 - ETPRO TROJAN TrojanDownloader.Win32/Banload.ZL Checkin 2
(trojan.rules)


More information about the Emerging-updates mailing list