[Emerging-updates] Daily Ruleset Update Summary 2016/05/11

Francis Trudeau ftrudeau at emergingthreats.net
Wed May 11 17:36:33 EDT 2016


 [***] Summary: [***]

 2 new Open signatures, 13 new Pro (2 + 11).  CryptXXX, Ruckguv, Gozi.

 [+++]          Added rules:          [+++]

 Open:

  2022802 - ET CURRENT_EVENTS Microsoft Fake Support Phone Scam May 10
(current_events.rules)
  2022803 - ET INFO Flowbit set for POST to Quicken Updater (info.rules)

 Pro:

  2820172 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.jl Checkin
(mobile_malware.rules)
  2820173 - ETPRO TROJAN Malicious SSL certificate detected (Gozi CnC)
(trojan.rules)
  2820174 - ETPRO TROJAN Observed Malvertising Domain SSL Cert
(trojan.rules)
  2820175 - ETPRO TROJAN Ruckguv Downloader Fetching Modules (trojan.rules)
  2820176 - ETPRO TROJAN Unknown Banker.BR Checkin (trojan.rules)
  2820177 - ETPRO TROJAN Unknown Locker C2 domain (trojan.rules)
  2820178 - ETPRO TROJAN Unknown Locker C2 domain (trojan.rules)
  2820179 - ETPRO TROJAN CryptXXX Possible Payment Page (trojan.rules)
  2820180 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.by Checkin
(mobile_malware.rules)
  2820181 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.by Checkin
2 (mobile_malware.rules)
  2820182 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ic Checkin
(mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2008438 - ET MALWARE Possible Windows executable sent when remote host
claims to send a Text File (malware.rules)
  2020896 - ET CURRENT_EVENTS DRIVEBY Router DNS Changer Apr 07 2015 M2
(current_events.rules)
  2022500 - ET CURRENT_EVENTS Xbagger Macro Encrypted DL
(current_events.rules)
  2819978 - ETPRO TROJAN Tordal/Hancitor/Chanitor (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20160511/9505ba8f/attachment.html>


More information about the Emerging-updates mailing list