[***] Summary: [***] 4 new Open rules, 9 new Pro (4/5). More Heartbleed, Various Android, Win32.Genome. [+++] Added rules: [+++] Open: 2018375 - ET CURRENT_EVENTS TLS HeartBeat Request (Server Intiated) fb set (current_events.rules)
2018376 - ET CURRENT_EVENTS TLS HeartBeat Request (Client Intiated) fb set (current_events.rules)
2018377 - ET CURRENT_EVENTS Possible OpenSSL HeartBleed Large HeartBeat Response (Client Init Vuln Server) (current_events.rules)
2018378 - ET CURRENT_EVENTS Possible OpenSSL HeartBleed Large HeartBeat Response (Server Init Vuln Client) (current_events.rules) Pro: 2807937 - ETPRO TROJAN Trojan-Downloader.Win32.Genome.fxjh Checkin (trojan.rules)
2807938 - ETPRO MOBILE_MALWARE Android/SmsSpy.X Checkin (mobile_malware.rules)
2807939 - ETPRO MOBILE_MALWARE Android/SmsSpy.X Checkin 2 (mobile_malware.rules)
2807940 - ETPRO TROJAN Backdoor.Win32.Agent.bg Checkin (trojan.rules)
2807941 - ETPRO TROJAN Trojan.Win32.Blocker.ctrojn Checkin (trojan.rules)
[///] Modified active rules: [///] 2003171 - ET SCAN IBM NSA User Agent (scan.rules)
2014726 - ET POLICY Outdated Windows Flash Version IE (policy.rules)
2014727 - ET POLICY Outdated Mac Flash Version (policy.rules)
2018281 - ET TROJAN Possible Netwire RAT Client HeartBeat C1 (no alert) (trojan.rules)
2018282 - ET TROJAN Possible Netwire RAT Client HeartBeat S1 (no alert) (trojan.rules)
2805345 - ETPRO TROJAN Troj/Mdrop-DXT checkin 1 (trojan.rules)
2805378 - ETPRO MALWARE Porn-Dialer.Win32.PluginAccess.gen Checkin (malware.rules)
2805448 - ETPRO TROJAN Win32.Viking.bb Checkin (trojan.rules)
[---] Removed rules: [---] 2403329 - ET CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
2403330 - ET CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
2405091 - ET CNC Shadowserver Reported CnC Server Port 53381 Group 1 (botcc.portgrouped.rules)
2405092 - ET CNC Shadowserver Reported CnC Server Port 54321 Group 1 (botcc.portgrouped.rules)
2405093 - ET CNC Shadowserver Reported CnC Server Port 58914 Group 1 (botcc.portgrouped.rules)
2805346 - ETPRO TROJAN Troj/Mdrop-DXT checkin 2 (trojan.rules)

 

Date: 
Tuesday, April 8, 2014 - 22:00