[***] Summary: [***] 10 new Open rules, 18 new Pro (10/8). CritX, Various AndroidOS. Thanks: Kevin Ross. [+++] Added rules: [+++] Open: 2018231 - ET INFO SUSPICIOUS .scr file download (info.rules)
2018232 - ET CURRENT_EVENTS Possible ZyXELs ZynOS Configuration Download Attempt (Contains Passwords) (current_events.rules)
2018233 - ET INFO JAR Sent Claiming To Be Image - Likely Exploit Kit (info.rules)
2018234 - ET INFO JAR Sent Claiming To Be Text Content - Likely Exploit Kit (info.rules)
2018235 - ET CURRENT_EVENTS CritX/SafePack/FlashPack CVE-2013-2551 (current_events.rules)
2018236 - ET CURRENT_EVENTS CritX/SafePack/FlashPack SilverLight Secondary Landing (current_events.rules)
2018237 - ET CURRENT_EVENTS CritX/SafePack/FlashPack SilverLight file as eot (current_events.rules)
2018238 - ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javadb.php (current_events.rules)
2018239 - ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javaim.php (current_events.rules)
2018240 - ET CURRENT_EVENTS Possible Safe/CritX/FlashPack Common Filename javarh.php (current_events.rules) Pro: 2807785 - ETPRO TROJAN IM-Worm.Win32.Steckt.dp Checkin (trojan.rules)
2807786 - ETPRO MOBILE_MALWARE AndroidOS/OpFakeSms.C Checkin (mobile_malware.rules)
2807787 - ETPRO TROJAN Trojan.Win32.StartPage.arra Checkin (trojan.rules)
2807788 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Blocal.a Checkin (mobile_malware.rules)
2807789 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Blocal.a Checkin 2 (mobile_malware.rules)
2807790 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Blocal.a Checkin 3 (mobile_malware.rules)
2807791 - ETPRO MALWARE Win32/Adware.Kraddare.HB Checkin (malware.rules)
2807792 - ETPRO TROJAN Win32/Obfuscator.XZ Checkin 3 (trojan.rules)
[///] Modified active rules: [///] 2008474 - ET MALWARE Adware.Look2Me Activity (malware.rules)
2014271 - ET TROJAN Win32/Cutwail.BE Checkin 1 (trojan.rules)
2014272 - ET TROJAN Win32/Cutwail.BE Checkin 2 (trojan.rules)
2016751 - ET CURRENT_EVENTS RedKit/Sakura/CritX/SafePack/FlashPack applet + obfuscated URL Apr 10 2013 (current_events.rules) 2807756 - ETPRO TROJAN Backdoor.Win32.SdBot CnC via IRC (trojan.rules)
[---] Disabled and modified rules: [---] 2807717 - ETPRO WEB_CLIENT Adobe Reader Double Free CVE-2014-0493 1 (web_client.rules)
[---] Removed rules: [---] 2008342 - ET TROJAN Suspicious User-Agent (ld) (trojan.rules)
2014291 - ET TROJAN W32/Backdoor.Kbot Config Retrieval (trojan.rules)
2807325 - ETPRO MALWARE AdWare.Win32.Look2Me.ab Checkin (malware.rules)
Date: 
Thursday, March 6, 2014 - 22:00