[***] Summary: [***]
2 new Open signatures, 5 new Pro (2+3). OneLouder, Various Android.
Thanks: @EKWatcher
[+++] Added rules: [+++]
Open:
2018463 - ET CURRENT_EVENTS possible OneLouder header structure (current_events.rules)
2018464 - ET CURRENT_EVENTS OneLouder EXE download possibly installing Zeus P2P (current_events.rules)
Pro:
2808035 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.fe Checkin (mobile_malware.rules)
2808036 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.QO Checkin (mobile_malware.rules)
2808037 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.cw Checkin 2 (mobile_malware.rules)
[///] Modified active rules: [///]
2018330 - ET CURRENT_EVENTS DRIVEBY Possible CritX/SafePack/FlashPack IE Exploit (current_events.rules)
2018367 - ET MALWARE W32/iBryte.Adware Affiliate Campaign Executable Download (malware.rules)
2018407 - ET CURRENT_EVENTS Fiesta URI Struct (current_events.rules)
[---] Removed rules: [---]
2000016 - ET DOS SSL Bomb DoS Attempt (dos.rules)
2803188 - ETPRO TROJAN Cnaddare.A/Fednu.c/Adware Checkin to Server flowbit set (trojan.rules)
2803189 - ETPRO TROJAN Cnaddare.A/Fednu.c/Adware Response from CnC Server (trojan.rules)
2 new Open signatures, 5 new Pro (2+3). OneLouder, Various Android.
Thanks: @EKWatcher
[+++] Added rules: [+++]
Open:
2018463 - ET CURRENT_EVENTS possible OneLouder header structure (current_events.rules)
2018464 - ET CURRENT_EVENTS OneLouder EXE download possibly installing Zeus P2P (current_events.rules)
Pro:
2808035 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.fe Checkin (mobile_malware.rules)
2808036 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Agent.QO Checkin (mobile_malware.rules)
2808037 - ETPRO MOBILE_MALWARE RiskTool.AndroidOS.SMSreg.cw Checkin 2 (mobile_malware.rules)
[///] Modified active rules: [///]
2018330 - ET CURRENT_EVENTS DRIVEBY Possible CritX/SafePack/FlashPack IE Exploit (current_events.rules)
2018367 - ET MALWARE W32/iBryte.Adware Affiliate Campaign Executable Download (malware.rules)
2018407 - ET CURRENT_EVENTS Fiesta URI Struct (current_events.rules)
[---] Removed rules: [---]
2000016 - ET DOS SSL Bomb DoS Attempt (dos.rules)
2803188 - ETPRO TROJAN Cnaddare.A/Fednu.c/Adware Checkin to Server flowbit set (trojan.rules)
2803189 - ETPRO TROJAN Cnaddare.A/Fednu.c/Adware Response from CnC Server (trojan.rules)
Date:
Sunday, May 11, 2014 - 22:00