[Emerging-updates] Daily Ruleset Update Summary 2015/01/14

Francis Trudeau ftrudeau at emergingthreats.net
Wed Jan 14 18:00:21 EST 2015


 [***] Summary: [***]

 7 new Open signatures, 13 new Pro (7 + 6).  KOVTER.B, Koler.D, Rovnix.J.

 Thanks:  Anshuman Anil Deshmukh, Russell Fulton, @EKWatcher, @kafeine and @abuse_ch.

 [+++]          Added rules:          [+++]

 Open:

  2020181 - ET TROJAN WIN32/KOVTER.B Checkin (trojan.rules)
  2020182 - ET TROJAN Cryptowall 3.0 .onion Proxy Domain (trojan.rules)
  2020183 - ET POLICY DNS Query to .onion proxy Domain (torforall.com) (policy.rules)
  2020184 - ET POLICY DNS Query to .onion proxy Domain (torman2.com) (policy.rules)
  2020185 - ET POLICY DNS Query to .onion proxy Domain (torwoman.com) (policy.rules)
  2020186 - ET POLICY DNS Query to .onion proxy Domain (torroadsters.com) (policy.rules)
  2020187 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)

 Pro:

  2809513 - ETPRO MOBILE_MALWARE Android.Trojan.Koler.D HTTP Checkin (mobile_malware.rules)
  2809514 - ETPRO MALWARE InstallIQ Installer HTTP Checkin (malware.rules)
  2809515 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.en Checkin (mobile_malware.rules)
  2809516 - ETPRO TROJAN Win32/Rovnix.J Checkin 2 (trojan.rules)
  2809517 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.SD Checkin 2 (mobile_malware.rules)
  2809518 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.az Checkin 2 (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2019952 - ET TROJAN Bedep Checkin Response (trojan.rules)
  2806158 - ETPRO MOBILE_MALWARE Android/Agent.KA!tr Checkin (mobile_malware.rules)
  2809454 - ETPRO MALWARE Adware.iBryte.B Install POST Request (malware.rules)


 [---]         Removed rules:         [---]

  2403365 - ET CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules)
  2806847 - ETPRO TROJAN WIN32/KOVTER.B Checkin (trojan.rules)

