[Emerging-updates] Daily Ruleset Update Summary 2016/05/26

Francis Trudeau ftrudeau at emergingthreats.net
Thu May 26 18:27:02 EDT 2016


 [***] Summary: [***]

 18 new Pro signatures.  CryptXXX, VARIOUS PHISHING, TorrentLocker.

 [+++]          Added rules:          [+++]

  2820179 - ETPRO TROJAN CryptXXX Possible Payment Page (trojan.rules)
  2820357 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Triada.g Checkin
(mobile_malware.rules)
  2820358 - ETPRO TROJAN PoisonIvy Keepalive to CnC 384 (trojan.rules)
  2820359 - ETPRO TROJAN PoisonIvy Keepalive to CnC 385 (trojan.rules)
  2820360 - ETPRO TROJAN PoisonIvy Keepalive to CnC 386 (trojan.rules)
  2820361 - ETPRO TROJAN PoisonIvy Keepalive to CnC 387 (trojan.rules)
  2820362 - ETPRO POLICY External IP Address Check - (useragent.cc)
(policy.rules)
  2820363 - ETPRO POLICY External IP Address Check - (ddnss.de)
(policy.rules)
  2820364 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish May 26
(current_events.rules)
  2820365 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Tiny.bl Checkin
(mobile_malware.rules)
  2820366 - ETPRO TROJAN MSIL/Banker.M Requesting Binary from SQL 2
(trojan.rules)
  2820367 - ETPRO TROJAN Win32/Agiala Checkin (trojan.rules)
  2820368 - ETPRO TROJAN TorrentLocker DNS query to Domain *.blasters.biz
(trojan.rules)
  2820369 - ETPRO CURRENT_EVENTS Successful Phish via Wix.com May 26
(current_events.rules)
  2820370 - ETPRO CURRENT_EVENTS Successful Petro Canada Phish May 26
(current_events.rules)
  2820371 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish May 26
(current_events.rules)
  2820372 - ETPRO CURRENT_EVENTS Suspicious Domain - Possible Phishing
Redirect May 26 (current_events.rules)
  2820373 - ETPRO CURRENT_EVENTS Successful Paypal Phish May 26
(current_events.rules)


 [///]     Modified active rules:     [///]

  2021871 - ET TROJAN Hawkeye Keylogger SMTP Beacon (trojan.rules)
  2809782 - ETPRO MOBILE_MALWARE Android/AdDisplay.Kuguo.F Checkin
(mobile_malware.rules)
  2815781 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish Jan 14
(current_events.rules)
  2820159 - ETPRO MOBILE_MALWARE Trojan-Ransom.AndroidOS.Agent.r Checkin
(mobile_malware.rules)


 [---]         Removed rules:         [---]

  2820097 - ETPRO TROJAN CryptXXX 2.06 Checkin (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20160526/2435e3ee/attachment.html>


More information about the Emerging-updates mailing list