[Emerging-updates] Daily Ruleset Update Summary 2016/02/24

Francis Trudeau ftrudeau at emergingthreats.net
Wed Feb 24 19:11:30 EST 2016


 [***] Summary: [***]

 2 new Open signatures, 14 new Pro (2 + 12).  Operation Blockbuster,
Blackworm/njRat, CryptoLocker.


 [+++]          Added rules:          [+++]

  2022564 - ET TROJAN Operation Blockbuster User-Agent (Mozillar) (trojan.rules)
  2022565 - ET CURRENT_EVENTS Evil Redirect Leading to EK Feb 23 2016
(current_events.rules)

 Pro:

  2816365 - ETPRO TROJAN Possible W32/Unknown CnC Request (trojan.rules)
  2816366 - ETPRO TROJAN W32/Unknown CnC Response (trojan.rules)
  2816367 - ETPRO POLICY Suspicious 404 OK Response (policy.rules)
  2816368 - ETPRO TROJAN Blackworm/njRat Variant CnC Checkin (trojan.rules)
  2816369 - ETPRO MOBILE_MALWARE Android.Trojan.HiddenApp.AW Checkin
(mobile_malware.rules)
  2816370 - ETPRO TROJAN PoisonIvy Keepalive to CnC 304 (trojan.rules)
  2816371 - ETPRO TROJAN PoisonIvy Keepalive to CnC 305 (trojan.rules)
  2816372 - ETPRO TROJAN Cryptolocker Variant .onion Proxy Domain (trojan.rules)
  2816373 - ETPRO TROJAN CoinMiner Known malicious stratum authline
(2016-02-24 1) (trojan.rules)
  2816374 - ETPRO TROJAN Win32/CryptoLocker Variant CnC Checkin (trojan.rules)
  2816376 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ip Checkin
(mobile_malware.rules)
  2816377 - ETPRO TROJAN MSIL/AGENT.AHD Exfil via FTP (trojan.rules)


 [///]     Modified active rules:     [///]

  2816301 - ETPRO TROJAN Win32/Evotob.B CnC (trojan.rules)


More information about the Emerging-updates mailing list