[Emerging-updates] Daily Ruleset Update Summary 2015/01/15

Francis Trudeau ftrudeau at emergingthreats.net
Thu Jan 15 17:10:19 EST 2015


 [***] Summary: [***]

 9 new Open signatures, 21 new Pro (9 + 12).  Linux/ChinaZ,
P2P-Worm.Win32.Blinkom, INFOSTEALER.COMPFOLDER.

 Thanks:  @abuse_ch.

 [+++]          Added rules:          [+++]

 Open:

  2020188 - ET TROJAN Linux/ChinaZ DDoS Bot Checkin (trojan.rules)
  2020189 - ET POLICY I2P Reseed Domain Lookup (i2p-netdb.innovatio.no) (policy.rules)
  2020190 - ET POLICY I2P Reseed Domain Lookup (i2p.mooo.com) (policy.rules)
  2020191 - ET POLICY I2P Reseed Domain Lookup (netdb.i2p2.no) (policy.rules)
  2020192 - ET POLICY I2P Reseed Domain Lookup (reseed.i2p-projekt.de) (policy.rules)
  2020193 - ET POLICY I2P Reseed Domain Lookup (uk.reseed.i2p2.no) (policy.rules)
  2020194 - ET POLICY I2P Reseed Domain Lookup (us.reseed.i2p2.no) (policy.rules)
  2020195 - ET POLICY exploitpack.com tool checkin (policy.rules)
  2020196 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)

 Pro:

  2809519 - ETPRO WEB_SPECIFIC_APPS WP PhotoGallery Plugin SQLi Attempt (web_specific_apps.rules)
  2809520 - ETPRO TROJAN INFOSTEALER.COMPFOLDER sending stolen files 2 (trojan.rules)
  2809521 - ETPRO MOBILE_MALWARE Android/DroidDeluxe.A Checkin (mobile_malware.rules)
  2809522 - ETPRO TROJAN Win32.SpyEyes.atjw Checkin (trojan.rules)
  2809523 - ETPRO TROJAN P2P-Worm.Win32.Blinkom checkin 1 (trojan.rules)
  2809524 - ETPRO TROJAN P2P-Worm.Win32.Blinkom checkin 2 (trojan.rules)
  2809525 - ETPRO TROJAN DarkComet-RAT Activity (trojan.rules)
  2809526 - ETPRO TROJAN DDoS.XOR Checkin via HTTP (trojan.rules)
  2809527 - ETPRO TROJAN Infostealer.Gamania Checkin (trojan.rules)
  2809528 - ETPRO TROJAN Win32/Lightbulb.A Checkin (trojan.rules)
  2809529 - ETPRO TROJAN Trojan.Win32.ServStart Checkin (trojan.rules)
  2809530 - ETPRO TROJAN Backdoor.Win32.DarkKomet Keep-Alive (trojan.rules)


 [///]     Modified active rules:     [///]

  2008433 - ET TROJAN Pandex checkin detected (trojan.rules)
  2807011 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.u Checkin (mobile_malware.rules)
  2809485 - ETPRO TROJAN Blitz CMS Community SQLi Request (trojan.rules)

