[***] Summary: [***]
20 New Open rules, 34 New Pro. PcRat/Gh0st, Zeus, DirtJumper, BeEF. Thanks to Kevin Ross and @EKwatcher.

[+++] Added rules: [+++]

Open:
2018075 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 23 (trojan.rules)
2018076 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 24 (trojan.rules)
2018077 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 25 (trojan.rules)
2018078 - ET TROJAN W32/Kbot.Backdoor Variant CnC Beacon (trojan.rules)
2018079 - ET TROJAN W32.Blackshades/Shadesrat Backdoor CnC Beacon (trojan.rules)
2018080 - ET CURRENT_EVENTS W32/Zeus.InfoStealer Infection Campaign Pdf.exe Request (current_events.rules)
2018081 - ET CURRENT_EVENTS W32/Zeus.InfoStealer Infection Campaign Kia.exe Request (current_events.rules)
2018082 - ET CURRENT_EVENTS W32/Zeus.InfoStealer Infection Campaign Wav.exe Request (current_events.rules)
2018083 - ET CURRENT_EVENTS W32/Zeus.InfoStealer Infection Campaign Heap.exe Request (current_events.rules)
2018084 - ET MALWARE Suspicious User-Agent (gettingAnswer) (malware.rules)
2018085 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 26 (trojan.rules)
2018086 - ET CURRENT_EVENTS Possible malicious zipped-executable (current_events.rules)
2018087 - ET INFO Control Panel Applet File Download (info.rules)
2018088 - ET WEB_CLIENT BeEF Cookie Outbound (web_client.rules)
2018089 - ET WEB_CLIENT Possible BeEF Default SSL Cert (web_client.rules)
2018090 - ET WEB_CLIENT Possible BeEF Module in use (web_client.rules)
2018091 - ET CURRENT_EVENTS Possible Flash Exploit CVE-2014-0497 (current_events.rules)
2018092 - ET WEB_SERVER Possible Oracle Reports Forms RCE CVE-2012-3152 (web_server.rules)
2018093 - ET WEB_SERVER Oracle Reports Parse Query Returned Creds CVE-2012-3153 (web_server.rules)
2018094 - ET TROJAN DirtJumper Activity (trojan.rules)

Pro:
2807610 - ETPRO TROJAN DirtJumper DDoS (INBOUND) (trojan.rules)
2807611 - ETPRO TROJAN Trojan.Win32.Staser.ury CnC (OUTBOUND) (trojan.rules)
2807612 - ETPRO TROJAN Backdoor Lanfiltrator Checkin 2 (trojan.rules)
2807613 - ETPRO TROJAN Win32/Unis@mm Download (trojan.rules)
2807614 - ETPRO TROJAN Backdoor.Win32/Delf.DU IRC Checkin (trojan.rules)
2807615 - ETPRO TROJAN Win32/AgentBypass.gen!G Checkin 3 (trojan.rules)
2807616 - ETPRO TROJAN Win32/Spy.Agent.OIB Checkin (trojan.rules)
2807617 - ETPRO TROJAN Trojan.Win32.VBKrypt.ulrm Checkin (trojan.rules)
2807618 - ETPRO TROJAN Win32/TrojanDownloader.Banload.ROP Response (trojan.rules)
2807619 - ETPRO TROJAN Trojan.Win32.Fsysna.jnb Checkin (trojan.rules)
2807620 - ETPRO TROJAN Win32/Meredrop (trojan.rules)
2807621 - ETPRO TROJAN Zegost.Gen CnC (OUTBOUND) (trojan.rules)
2807622 - ETPRO MALWARE Win32.LazyMin.B IRC LOGIN (malware.rules)
2807623 - ETPRO TROJAN Trojan/AVKill.ar Checkin (trojan.rules)

[///] Modified active rules: [///]
2017128 - ET TROJAN Expiro Trojan Check-in (trojan.rules)
2806417 - ETPRO TROJAN Worm.Win32.Fujack.bw Checkin (trojan.rules)

Date: Wednesday, February 5, 2014 - 22:00