[***] Summary: [***] 6 new Open rules, 16 new Pro (6/10). Kraddare, Mamianune, Autoit, AnglerEK, Java/Jacksbot. Thanks to: @EKwatcher and @c_APT_ure [+++] Added rules: [+++] Open: 2017982 - ET MALWARE Suspicious User-Agent 100 non-printable char (malware.rules)
2017983 - ET TROJAN Java/Jacksbot Check-in (trojan.rules)
2017984 - ET CURRENT_EVENTS Angler EK encrypted binary (1) Jan 17 2013 (current_events.rules)
2017985 - ET CURRENT_EVENTS Angler EK encrypted binary (2) Jan 17 2013 (current_events.rules)
2017986 - ET CURRENT_EVENTS Angler EK encrypted binary (3) Jan 17 2013 (current_events.rules)
2017987 - ET CURRENT_EVENTS Upatre SSL Compromised site appsredeeem (current_events.rules) Pro: 2807486 - ETPRO TROJAN Worm.Win32/Mamianune.gen spreading via SMTP (trojan.rules)
2807487 - ETPRO MALWARE Win32.Kraddare.FZ Checkin (malware.rules)
2807488 - ETPRO MALWARE Win32.Kraddare.FZ Update (malware.rules)
2807489 - ETPRO TROJAN Win32/Layrui.A Checkin (trojan.rules)
2807490 - ETPRO TROJAN Trojan-Dropper.Win32.Sysn.aajj Checkin (trojan.rules)
2807491 - ETPRO SCADA IntegraXor Stack Buffer Overflow (scada.rules)
2807492 - ETPRO MALWARE Adware.NetBoad User-Agent (Netboan) (malware.rules)
2807493 - ETPRO MALWARE Adware.NetBoad Checkin (malware.rules)
2807494 - ETPRO TROJAN Trojan-Dropper.Win32.Sysn.aajj Checkin 2 (trojan.rules)
2807495 - ETPRO TROJAN Trojan.Win32.Autoit.zk Checkin (trojan.rules)
[///] Modified active rules: [///] 2017191 - ET TROJAN Win32/Kelihos.F Checkin (trojan.rules)
2017569 - ET CURRENT_EVENTS Angler EK Landing Page (current_events.rules)
2017729 - ET CURRENT_EVENTS Angler Landing Nov 18 2013 (current_events.rules)
2017732 - ET CURRENT_EVENTS Possible Styx/Angler SilverLight Exploit (current_events.rules)
2017975 - ET CURRENT_EVENTS Possible AnglerEK Landing URI Struct (current_events.rules)
Date: 
Thursday, January 16, 2014 - 22:00