[Emerging-updates] DAILY RULESET UPDATE SUMMARY 2016/01/20

Francis Trudeau ftrudeau at emergingthreats.net
Wed Jan 20 17:25:00 EST 2016


 [***] Summary: [***]

 1 new Open signature, 15 new Pro (1 + 14).  Superman APT,
URLzone/Bebloh/Shiotob.

 Thanks:  @abuse_ch.

 [+++]          Added rules:          [+++]

 Open:

  2022385 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Dridex) (trojan.rules)

 Pro:

  2815853 - ETPRO CURRENT_EVENTS Successful Credential Phish via
FormLogix Jan 19 (current_events.rules)
  2815854 - ETPRO CURRENT_EVENTS Adobe Shared Document Base64 Phishing
Landing Jan 19 (current_events.rules)
  2815855 - ETPRO CURRENT_EVENTS Successful DHL Phish Jan 19
(current_events.rules)
  2815856 - ETPRO TROJAN Unk/Keylogger Checkin (trojan.rules)
  2815857 - ETPRO TROJAN Superman APT DNS Lookup (trojan.rules)
  2815858 - ETPRO TROJAN Superman APT SSL Cert 1 (trojan.rules)
  2815859 - ETPRO TROJAN Superman APT SSL Cert 2 (trojan.rules)
  2815860 - ETPRO TROJAN Superman APT SSL Cert 3 (trojan.rules)
  2815861 - ETPRO TROJAN URLzone/Bebloh/Shiotob Injects SSL
Certificate Detected (trojan.rules)
  2815862 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Neospy.a Checkin
(mobile_malware.rules)
  2815863 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.dy
Checkin 2 (mobile_malware.rules)
  2815864 - ETPRO TROJAN W32/UnknownRAT Checkin (trojan.rules)
  2815865 - ETPRO TROJAN W32/UnknownRAT Checkin 2 (trojan.rules)
  2815866 - ETPRO TROJAN W32/UnknownRAT Variant Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2011582 - ET POLICY Vulnerable Java Version 1.6.x Detected (policy.rules)
  2014297 - ET POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
  2014726 - ET POLICY Outdated Windows Flash Version IE (policy.rules)
  2814838 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer
Memory Information Disclosure (CVE-2015-6086) (web_client.rules)


More information about the Emerging-updates mailing list