[Emerging-updates] Daily Ruleset Update Summary 2015/01/27

Francis Trudeau ftrudeau at emergingthreats.net
Tue Jan 27 17:23:07 EST 2015


 [***] Summary: [***]

 2 new Open signatures, 11 new Pro (2 + 9).  FerretCMS SQLi, SmartCMS
SQLi, CVE-2015-0235 Exim buffer overflow.

 Thanks:  @rmkml

 [+++]          Added rules:          [+++]

 Open:

  2020315 - ET TROJAN KL-Remote / Cryp_Banker14 RAT connection (trojan.rules)
  2020316 - ET TROJAN KL-Remote / Cryp_Banker14 RAT response (trojan.rules)

 Pro:

  2809592 - ETPRO WEB_SPECIFIC_APPS FerretCMS SQLi Attempt (web_specific_apps.rules)
  2809593 - ETPRO WEB_SPECIFIC_APPS SmartCMS SQLi Attempt (web_specific_apps.rules)
  2809594 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Logisr.a Uploading Info via FTP (mobile_malware.rules)
  2809595 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Logisr.a Checkin (mobile_malware.rules)
  2809596 - ETPRO MOBILE_MALWARE Android.Riskware.SmsPay.EX Checkin (mobile_malware.rules)
  2809597 - ETPRO EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (EHLO) (exploit.rules)
  2809598 - ETPRO EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (HELO) (exploit.rules)
  2809599 - ETPRO TROJAN KazyBot Checkin (trojan.rules)
  2809600 - ETPRO MALWARE Win32/SoftPulse.P HTTP Request (malware.rules)


 [///]     Modified active rules:     [///]

  2014726 - ET POLICY Outdated Windows Flash Version IE (policy.rules)
  2014727 - ET POLICY Outdated Mac Flash Version (policy.rules)
  2020300 - ET CURRENT_EVENTS DRIVEBY Nuclear EK Exploit Struct Jan 23 2015 (current_events.rules)
  2808129 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.gl Checkin (mobile_malware.rules)

