[Emerging-updates] Daily Ruleset Update Summary 2017/03/15

Travis Green tgreen at emergingthreats.net
Wed Mar 15 18:13:14 EDT 2017


 [***]            Summary:            [***]

 8 new Open signatures, 20 new Pro (8 + 12). Cryptfile2, Various Phishing, Various Android


 [+++]          Added rules:          [+++]

  2024056 - ET TROJAN Win32/CryptFile2 Ransomware Checkin M3 (trojan.rules)
  2024057 - ET SHELLCODE Linux/x86-64 - Polymorphic Flush IPTables Shellcode (shellcode.rules)
  2024058 - ET SHELLCODE Linux/x86-64 - Polymorphic Setuid(0) & Execve(/bin/sh) Shellcode (shellcode.rules)
  2024059 - ET CURRENT_EVENTS Successful iCloud Phish Mar 15 2017 (current_events.rules)
  2024060 - ET CURRENT_EVENTS Successful Apple Phish M1 Mar 15 2017 (current_events.rules)
  2024061 - ET CURRENT_EVENTS Successful Apple Phish M2 Mar 15 2017 (current_events.rules)
  2024062 - ET EXPLOIT IBM WebSphere - RCE Java Deserialization (exploit.rules)
  2024063 - ET EXPLOIT HP Smart Storage Administrator Remote Command Injection (exploit.rules)
  2825462 - ETPRO TROJAN MSIL/Karmen Ransomware CnC Activity (trojan.rules)
  2825463 - ETPRO CURRENT_EVENTS Successful Facebook Phish Mar 15 2017 (current_events.rules)
  2825464 - ETPRO CURRENT_EVENTS Successful Orange.fr Webmail Phish Mar 15 2017 (current_events.rules)
  2825465 - ETPRO TROJAN Unknown MalDoc DNS Lookup (trojan.rules)
  2825466 - ETPRO CURRENT_EVENTS Successful Free.fr Phish M1 Mar 15 2017 (current_events.rules)
  2825467 - ETPRO CURRENT_EVENTS Successful Free.fr Phish M2 Mar 15 2017 (current_events.rules)
  2825468 - ETPRO CURRENT_EVENTS Successful Free.fr Phish M3 Mar 15 2017 (current_events.rules)
  2825469 - ETPRO MOBILE_MALWARE Android.Trojan.SmsSpy.T Checkin (mobile_malware.rules)
  2825470 - ETPRO TROJAN Win32/Acronym Checkin (trojan.rules)
  2825471 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Ewind.bc Checkin (mobile_malware.rules)
  2825472 - ETPRO MOBILE_MALWARE Android.Riskware.SMSReg.OD CnC Beacon (mobile_malware.rules)
  2825473 - ETPRO MOBILE_MALWARE Android.KorBanker CnC Beacon 4 (mobile_malware.rules)


 [///]     Modified active rules:     [///]

  2810582 - ETPRO TROJAN WIN32/KOVTER.B Checkin 2 (trojan.rules)
  2822908 - ETPRO CURRENT_EVENTS Possible Successful Generic Phish (set) Oct 25 (current_events.rules)


 [---]         Removed rules:         [---]

  2825433 - ETPRO EXPLOIT Possible Edge OOB Read Vulnerability (CVE-2017-0131) (exploit.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>