[Emerging-updates] Daily Ruleset Update Summary 2016/05/23

Francis Trudeau ftrudeau at emergingthreats.net
Mon May 23 17:34:57 EDT 2016


 [***] Summary: [***]

 15 new Pro signatures.  CVE-2015-1770, Cript 1.0, Neutrino EK.

 Thanks:  Jose Vila.

 [+++]          Added rules:          [+++]

  2820307 - ETPRO WEB_CLIENT Microsoft Rich Text File download with
Possible Exploit (CVE-2015-1770) (web_client.rules)
  2820308 - ETPRO CURRENT_EVENTS Neutrino EK Payload May 23 2016
(current_events.rules)
  2820309 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.kx Checkin
(mobile_malware.rules)
  2820310 - ETPRO TROJAN PoisonIvy Keepalive to CnC 374 (trojan.rules)
  2820311 - ETPRO TROJAN PoisonIvy Keepalive to CnC 375 (trojan.rules)
  2820312 - ETPRO TROJAN PoisonIvy Keepalive to CnC 376 (trojan.rules)
  2820313 - ETPRO TROJAN Cript 1.0 Ransomware Installed (trojan.rules)
  2820314 - ETPRO TROJAN Cript 1.0 Ransomware Disk Checkin (trojan.rules)
  2820315 - ETPRO TROJAN Cript 1.0 Ransomware File Checkin (trojan.rules)
  2820316 - ETPRO TROJAN MSIL/SNSLocker Ransomware Checkin 1 (trojan.rules)
  2820317 - ETPRO TROJAN MSIL/SNSLocker Ransomware Checkin 2 (trojan.rules)
  2820318 - ETPRO TROJAN Win32.Crypren/Zcrypt Ransomware Checkin
(trojan.rules)
  2820319 - ETPRO TROJAN Win32/Bafruz.L Activity (trojan.rules)
  2820320 - ETPRO TROJAN Win32/Nitedrem.E CnC 2 (trojan.rules)
  2820321 - ETPRO TROJAN Cript 1.0 Ransomware Encrypt Job Complete
(trojan.rules)


 [///]     Modified active rules:     [///]

  2007695 - ET POLICY Windows 98 User-Agent Detected - Possible Malware or
Non-Updated System (policy.rules)
  2815254 - ETPRO CURRENT_EVENTS Possible Nuclear EK Payload Dec 06 2015 M2
(current_events.rules)
  2816218 - ETPRO TROJAN Loxes CnC Beacon (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20160523/00e7e67a/attachment.html>


More information about the Emerging-updates mailing list