[Emerging-updates] Daily Ruleset Update Summary 2016/05/10 2.0

Will Metcalf wmetcalf at emergingthreatspro.com
Tue May 10 18:33:06 EDT 2016


 [***]          Summary:              [***]

 1 new Open rule. 15 new Pro rules. NanoCore, PIVY, Hawkeye, Cerber, etc.

 [+++]          Added rules:          [+++]

  Open:
  2022801 - ET TROJAN ABUSE.CH Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)

  Pro:
  2820119 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Null Array Base (CVE-2016-0192) (web_client.rules)
  2820154 - ETPRO CURRENT_EVENTS Successful Gmail Account Update Phish May 10 (current_events.rules)
  2820155 - ETPRO CURRENT_EVENTS French Gmail Account Update Phishing Landing May 10 (current_events.rules)
  2820156 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules)
  2820159 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Agent.r Checkin (mobile_malware.rules)
  2820160 - ETPRO MALWARE Win32/NEWSPOT Adware Config Request (malware.rules)
  2820161 - ETPRO MALWARE MSIL/Testing24 Adware Initial Request (malware.rules)
  2820162 - ETPRO TROJAN NanoCore RAT CnC 9 (trojan.rules)
  2820165 - ETPRO TROJAN PoisonIvy Keepalive to CnC 337 (trojan.rules)
  2820166 - ETPRO TROJAN PoisonIvy Keepalive to CnC 338 (trojan.rules)
  2820167 - ETPRO TROJAN PoisonIvy Keepalive to CnC 339 (trojan.rules)
  2820168 - ETPRO TROJAN PoisonIvy Keepalive to CnC 340 (trojan.rules)
  2820169 - ETPRO TROJAN PoisonIvy Keepalive to CnC 341 (trojan.rules)
  2820170 - ETPRO TROJAN PoisonIvy Keepalive to CnC 342 (trojan.rules)
  2820171 - ETPRO TROJAN Hawkeye/HawkSpy Email Report (trojan.rules)


 [///]     Modified active rules:     [///]

  2816494 - ETPRO MOBILE_MALWARE Android/Spy.Agent.SZ Checkin (mobile_malware.rules)


 [---]         Removed rules:         [---]

  2820119 - ETPRO EXPLOIT Possible IE Null Array Base (CVE-2016-0192) (exploit.rules)