[Emerging-updates] Daily Ruleset Update Summary 2017/02/15

Francis Trudeau ftrudeau at emergingthreats.net
Wed Feb 15 16:44:01 EST 2017


 [***] Summary: [***]

 21 new Pro signatures.  Fareit/Pony, Nemucod, Zeus Panda, VARIOUS PHISHING.

 [+++]          Added rules:          [+++]


  2824971 - ETPRO TROJAN Fareit/Pony Variant CnC Beacon (trojan.rules)
  2824972 - ETPRO CURRENT_EVENTS Successful Free Mobile (FR) Phish Feb 15 2017 (current_events.rules)
  2824973 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Ztorg.d Checkin (mobile_malware.rules)
  2824974 - ETPRO MOBILE_MALWARE Android.Trojan.Dropper.AP CnC Beacon (mobile_malware.rules)
  2824975 - ETPRO TROJAN JS/Nemucod Retrieving Payload (trojan.rules)
  2824976 - ETPRO TROJAN W32.Unknown.kr RAT Checkin (trojan.rules)
  2824977 - ETPRO MALWARE Win32.Lollipop.R Checkin (malware.rules)
  2824978 - ETPRO POLICY PUP SafeBytes SSL Cert (policy.rules)
  2824979 - ETPRO MOBILE_MALWARE Trojan-FakeAV.AndroidOS.Provar.a File Download (mobile_malware.rules)
  2824980 - ETPRO MALWARE PUP Win32/InstallMonstr.QJ CnC Beacon (malware.rules)
  2824981 - ETPRO MOBILE_MALWARE PUA Android/Skymobi.I Checkin (mobile_malware.rules)
  2824982 - ETPRO MALWARE PUP Win32/Toolbar.Widgi.AE CnC Beacon (malware.rules)
  2824983 - ETPRO TROJAN Zeus Panda Domain in SNI (trojan.rules)
  2824984 - ETPRO TROJAN Zeus Panda Banker Injects SSL Certificate Detected (trojan.rules)
  2824985 - ETPRO CURRENT_EVENTS Successful Thugnet Paypal Phish M1 Feb 15 2017 (current_events.rules)
  2824986 - ETPRO CURRENT_EVENTS Successful Thugnet Paypal Phish M2 Feb 15 2017 (current_events.rules)
  2824987 - ETPRO CURRENT_EVENTS Successful Thugnet Paypal Phish M3 Feb 15 2017 (current_events.rules)
  2824988 - ETPRO CURRENT_EVENTS Thugnet Phishing Landing M1 (Likely Paypal) Feb 14 2017 (current_events.rules)
  2824989 - ETPRO CURRENT_EVENTS Thugnet Phishing Landing M2 (Likely Paypal) Feb 14 2017 (current_events.rules)
  2824990 - ETPRO TROJAN Win32/TrojanDownloader.Agent.SCQ CnC Beacon (trojan.rules)
  2824991 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Iop.x CnC Beacon (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2016922 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (trojan.rules)
  2821942 - ETPRO CURRENT_EVENTS Successful Outlook Phish Aug 31 2016 (current_events.rules)
  2824933 - ETPRO WEB_CLIENT Possible Adobe Flash MP4 parsing OOB Memory Access M1 (CVE-2017-2984) (web_client.rules)
  2824948 - ETPRO TROJAN W32/Dragon BR Banker v1.x Checkin M1 (trojan.rules)

