[***] Summary: [***] 6 new Open signatures, 9 new Pro (6+3). Zeus, Agentb.apga, Tepfer.InfoStealer. Thanks: Kevin Ross, tdzmont, @EKwatcher. [+++] Added rules: [+++] Open: 2018412 - ET TROJAN Trojan-Spy.Win32.Zbot.qgxi Checkin (trojan.rules)
2018413 - ET CURRENT_EVENTS Probable OneLouder downloader (Zeus P2P) (current_events.rules)
2018414 - ET CURRENT_EVENTS possible OneLouder downloader installing Zeus P2P (current_events.rules)
2018415 - ET TROJAN W32/Tepfer.InfoStealer CnC Beacon (trojan.rules)
2018416 - ET TROJAN ftpchk3.php upload attempted (trojan.rules)
2018417 - ET TROJAN ftpchk3.php possible upload success (trojan.rules) Pro: 2807979 - ETPRO TROJAN Trojan.Win32.Agentb.apga Checkin (trojan.rules)
2807980 - ETPRO TROJAN Trojan.Win32.Agentb.apga Checkin 2 (trojan.rules)
2807981 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Feejar.D Checkin (mobile_malware.rules)
[///] Modified active rules: [///] 2013346 - ET TROJAN PSW.Win32.Ruftar.lon File Stealer FTP File Upload (trojan.rules)
2013720 - ET TROJAN Win32/Wapomi.AD Variant Checkin (trojan.rules)
2018382 - ET CURRENT_EVENTS Possible OpenSSL HeartBleed Large HeartBeat Response from Common SSL Port (Outbound from Server) (current_events.rules)
2018383 - ET CURRENT_EVENTS Possible OpenSSL HeartBleed Large HeartBeat Response from Common SSL Port (Outbound from Client) (current_events.rules)
2807876 - ETPRO TROJAN Backdoor.Win32/Tofsee.F Checkin (trojan.rules)
[---] Removed rules: [---] 2003542 - ET MALWARE Bravesentry.com/Protectwin.com Fake Antispyware Reporting (malware.rules)
2013344 - ET TROJAN Unknown Trojan Checkin to CnC Server (trojan.rules)
2017658 - ET TROJAN Unknown Trojan Secondary Download (trojan.rules)
2017659 - ET TROJAN Unknown Trojan Download (trojan.rules)
2807160 - ETPRO TROJAN Trojan-Spy.Win32.Zbot.qgxi Checkin (trojan.rules)

 

Date: 
Tuesday, April 22, 2014 - 22:00