[***] Summary: [***] 7 new Open rules, 13 new Pro (7/5). TDS, Symantec Endpoint Manager XXE RCE, Various Android. Thanks: @MalwareMustDie ,@kafeine, Jake Warren, Ify Ajokubi, Kevin Ross [+++] Added rules: [+++] Open: 2018172 - ET CURRENT_EVENTS SUSPICIOUS Java Lang Runtime in Response (current_events.rules)
2018174 - ET MALWARE RelevantKnowledge Adware CnC Beacon (malware.rules)
2018175 - ET CURRENT_EVENTS SUSPICIOUS XXTEA UTF-16 Encoded HTTP Response (current_events.rules)
2018176 - ET WEB_SPECIFIC_APPS Symantec Endpoint Manager XXE RCE Attempt (web_specific_apps.rules)
2018177 - ET CURRENT_EVENTS OnClick Anti-BOT TDS POST Feb 25 2014 (current_events.rules)
2018178 - ET CURRENT_EVENTS OnClick Anti-BOT TDS Hidden Form Feb 25 2014 (current_events.rules)
2018179 - ET CURRENT_EVENTS Obfuscation Technique Used in CVE-2014-0322 Attacks (current_events.rules) Pro: 2807730 - ETPRO TROJAN Win32/Ceckno.D Checkin (trojan.rules)
2807731 - ETPRO TROJAN Win32.Dialer.asuj Checkin (trojan.rules)
2807732 - ETPRO MOBILE_MALWARE Monitor.AndroidOS.Gizmo.a Checkin (mobile_malware.rules)
2807733 - ETPRO MOBILE_MALWARE Android/TrojanSMS.FakeInst.CG Checkin (mobile_malware.rules)
2807734 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Opfake.bo Checkin 3 (mobile_malware.rules)
[///] Modified active rules: [///] 2003635 - ET TROJAN Generic Password Stealer User Agent Detected (RookIE) (trojan.rules)
2013186 - ET CURRENT_EVENTS Win32.Renos/Artro Trojan Checkin (current_events.rules)
2018125 - ET CURRENT_EVENTS SUSPICIOUS .PIF File Inside of Zip (current_events.rules)
2018153 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 27 (trojan.rules)
2805335 - ETPRO TROJAN Win32/Renos Checkin 3 (trojan.rules)
2807245 - ETPRO TROJAN Variant.Zusy.71154 Checkin (trojan.rules)
[---] Removed rules: [---] 2807693 - ETPRO WORM win32.Gaobot (worm.rules)
Date: 
Tuesday, February 25, 2014 - 00:00