[Emerging-updates] Daily Ruleset Update Summary 2016/01/08

Francis Trudeau ftrudeau at emergingthreats.net
Fri Jan 8 18:50:05 EST 2016


 [***] Summary: [***]

 3 new Open signatures, 17 new Pro (3 + 14).  Win32/Bulta,
Job314/Neutrino, Blackmoon.

 Thanks:  @MalwareMustDie.

 [+++]          Added rules:          [+++]

 Open:

  2022345 - ET TROJAN Win32/Bulta CnC Beacon  (trojan.rules)
  2022346 - ET TROJAN Win32/Bulta DNS Lookup (kugo.f3322.net) (trojan.rules)
  2022347 - ET TROJAN Win32/Bulta DNS Lookup (yk.ftwxw.com) (trojan.rules)

 Pro:

  2815662 - ETPRO CURRENT_EVENTS Possible Job314/Neutrino Reboot EK Flash Exploit Jan 07 2015 M1 (current_events.rules)
  2815663 - ETPRO CURRENT_EVENTS Possible Job314/Neutrino Reboot EK Flash Exploit Jan 07 2015 M2 (current_events.rules)
  2815664 - ETPRO CURRENT_EVENTS Possible Neutrino Landing Oct 20 2015 M11 Landing URI Struct (current_events.rules)
  2815665 - ETPRO TROJAN W32.Blackmoon Checkin 1 (trojan.rules)
  2815666 - ETPRO CURRENT_EVENTS Successful PNC Bank Phish Jan 8 (current_events.rules)
  2815667 - ETPRO CURRENT_EVENTS Ezweb123 Phishing (set) Jan 8 (current_events.rules)
  2815668 - ETPRO CURRENT_EVENTS Ezweb123.com Phishing Landing Jan 8 (current_events.rules)
  2815669 - ETPRO CURRENT_EVENTS Form Submission to Ezweb123.com - Possible Successful Phish Jan 8 (current_events.rules)
  2815670 - ETPRO MALWARE JS/Fakebsod Browserlocker (malware.rules)
  2815671 - ETPRO TROJAN Codelux Vision Keylogger Reporting Information (trojan.rules)
  2815672 - ETPRO TROJAN Inexsmar/Darkhotel Stage1 Checkin 2 (trojan.rules)
  2815673 - ETPRO CURRENT_EVENTS Adobe Phishing Landing Jan 8 (current_events.rules)
  2815674 - ETPRO CURRENT_EVENTS Successful Adobe Phish Jan 8 (current_events.rules)
  2815676 - ETPRO TROJAN W32.Blackmoon Checkin 2 (trojan.rules)


 [///]     Modified active rules:     [///]

  2807782 - ETPRO TROJAN TrojanProxy.Mediana.q Proxy CnC Checkin Response (trojan.rules)
  2807783 - ETPRO TROJAN Win32/TrojanProxy.Agent.NJK CnC Checkin Response (trojan.rules)

