Daily Ruleset Update Summary 2014/05/02

[***] Summary: [***]

4 new Open signatures, 9 new Pro (4+5). Goon/Infinity EK, Various Android, Apache Struts RCE.

[+++] Added rules: [+++]

Open:

2018439 - ET CURRENT_EVENTS Common Bad Actor Indicators Used in Various Targeted 0-day Attacks (current_events.rules)
2018440 - ET CURRENT_EVENTS DRIVEBY Goon/Infinity EK Landing May 05 2014 (current_events.rules)
2018441 - ET CURRENT_EVENTS Goon/Infinity URI Struct EK Landing May 05 2014 (current_events.rules)
2018442 - ET CURRENT_EVENTS 32-byte by 32-byte PHP EK Gate with HTTP POST (current_events.rules)

Pro:

2808011 - ETPRO EXPLOIT Apache Struts ClassLoader Remote Code Execution (exploit.rules)
2808012 - ETPRO TROJAN unknown google.com connectivity check (trojan.rules)
2808013 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.o Checkin 3 (mobile_malware.rules)
2808014 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.o Checkin 4 (mobile_malware.rules)
2808015 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.o Checkin 5 (mobile_malware.rules)

[---] Removed rules: [---]

2808000 - ETPRO CURRENT_EVENTS Common Group Indicators Used in Various Targeted 0-day Attacks (current_events.rules)
Date: 
Friday, May 2, 2014 - 00:00