[Emerging-updates] Daily Ruleset Update Summary 2016/05/02

Francis Trudeau ftrudeau at emergingthreats.net
Mon May 2 18:53:53 EDT 2016


 [***] Summary: [***]

 24 new Pro signatures.  MultiGrainPOS, Emissary, PoisonIvy.

 [+++]          Added rules:          [+++]

  2819996 - ETPRO TROJAN MultiGrainPOS CnC over DNS (trojan.rules)
  2819997 - ETPRO MOBILE_MALWARE Android.Adware.Ppoer.C Checkin
(mobile_malware.rules)
  2819998 - ETPRO MOBILE_MALWARE Android/Inmobi.D Checkin
(mobile_malware.rules)
  2819999 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Shedun.V Checkin
(mobile_malware.rules)
  2820000 - ETPRO MOBILE_MALWARE Android/Styricka.A Checkin
(mobile_malware.rules)
  2820001 - ETPRO CURRENT_EVENTS Adobe Online Document Phishing Landing May
2 (current_events.rules)
  2820004 - ETPRO TROJAN Malicious SSL Certificate Detected (Social
Engineering Kit) (trojan.rules)
  2820005 - ETPRO TROJAN Emissary External IP Check 2 (trojan.rules)
  2820006 - ETPRO TROJAN Emissary CnC Beacon 2 (trojan.rules)
  2820007 - ETPRO TROJAN Emissary CnC Beacon 3 (trojan.rules)
  2820008 - ETPRO TROJAN Emissary CnC Beacon Response 2 (trojan.rules)
  2820009 - ETPRO TROJAN Emissary CnC Beacon 4 (trojan.rules)
  2820010 - ETPRO TROJAN Observerd Malvertising Domain SSL Cert
(trojan.rules)
  2820011 - ETPRO MOBILE_MALWARE Android.Trojan.FakeFlash.T Checkin
(mobile_malware.rules)
  2820012 - ETPRO CURRENT_EVENTS Successful NCB Online Phish May 2
(current_events.rules)
  2820013 - ETPRO CURRENT_EVENTS Possible XML Phishing Landing May 2
(current_events.rules)
  2820014 - ETPRO CURRENT_EVENTS Possible Successful SWF/XML Phish May 2
(current_events.rules)
  2820015 - ETPRO MALWARE MSIL/Adware.Testing24.A Checkin (malware.rules)
  2820016 - ETPRO TROJAN PoisonIvy Keepalive to CnC 321 (trojan.rules)
  2820017 - ETPRO TROJAN PoisonIvy Keepalive to CnC 322 (trojan.rules)
  2820018 - ETPRO TROJAN PoisonIvy Keepalive to CnC 323 (trojan.rules)
  2820019 - ETPRO TROJAN PoisonIvy Keepalive to CnC 324 (trojan.rules)
  2820020 - ETPRO TROJAN CoinMiner Known malicious stratum authline
(2016-05-02 1) (trojan.rules)
  2820021 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Svpeng.e Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2022736 - ET TROJAN ABUSE.CH SSL Blacklist MaliciET TROJAN ABUSE.CH SSL
Blacklist Malicious SSL certificate detected (Qadars CnC) (trojan.rules)
  2814183 - ETPRO MALWARE Win32.Instally.AD Checkin (malware.rules)
  2815103 - ETPRO TROJAN Ozone RAT CnC Beacon (trojan.rules)


 [---]         Removed rules:         [---]

  2811065 - ETPRO MALWARE PUP Win32/Instally.A CnC Beacon (malware.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20160502/0fd4b44d/attachment.html>


More information about the Emerging-updates mailing list