[***] Summary [***] 20 New Open, 27 New Pro (20/7). Virut, Apache Tomcat, BlackPOS. Thanks: Travis Green, Eoin Miller, Jake Warren, Ryan Moon, vlinteligence, @EKwatcher [+++] Added rules: [+++] Open: 2018109 - ET TROJAN Trojan-Dropper.Win32.Dapato.cblv Checkin (trojan.rules)
2018110 - ET TROJAN Win32.Blackbeard Downloader (trojan.rules)
2018111 - ET TROJAN Win32.Sality.bh Checkin (trojan.rules)
2018112 - ET TROJAN Trojan/Win32.FraudPack User-Agent (Downloader MLR 1.0.0) (trojan.rules)
2018113 - ET WEB_SERVER Apache Tomcat Boundary Overflow DOS/File Upload Attempt (web_server.rules)
2018114 - ET TROJAN DNS Query for Known Chewbacca CnC Server (trojan.rules)
2018115 - ET TROJAN FTP File Upload - BlackPOS Naming Scheme (trojan.rules)
2018116 - ET TROJAN MS Remote Desktop edc User Login Request (trojan.rules)
2018117 - ET TROJAN Possible Cryptolocker Sinkhole banner (trojan.rules)
2018118 - ET WEB_SERVER Recon-ng User-Agent (web_server.rules)
2018119 - ET TROJAN Banking Trojan HTTP Cookie (trojan.rules)
2018120 - ET TROJAN Blackbeard Check-in (trojan.rules)
2018121 - ET TROJAN Onkods.A Downloader Checkin (trojan.rules)
2018122 - ET TROJAN Linkup Ransomware check-in (trojan.rules)
2018123 - ET TROJAN Win32/Almanahe.B Checkin (trojan.rules)
2018124 - ET TROJAN MS Remote Desktop micros User Login Request (trojan.rules)
2018125 - ET CURRENT_EVENTS SUSPICIOUS .PIF File Inside of Zip (current_events.rules)
2018126 - ET CURRENT_EVENTS SUSPICIOUS .CPL File Inside of Zip (current_events.rules)
2018127 - ET CURRENT_EVENTS Goon EK Java JNLP URI Struct Feb 12 2014 (current_events.rules)
2018128 - ET TROJAN Infostealer.Jackpos Checkin 2 (trojan.rules) Pro: 2807663 - ETPRO TROJAN Trojan-Ransom.Win32.Blocker.aqkg Checkin (trojan.rules)
2807664 - ETPRO TROJAN Trojan.Win32.Badur.gqit Checkin (trojan.rules)
2807665 - ETPRO TROJAN Win32/Purplemood.A Checkin via SMTP (trojan.rules)
2807666 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 5 (trojan.rules)
2807667 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 6 (trojan.rules)
2807668 - ETPRO TROJAN W32/KeyLogger.OFP!tr.spy Response (trojan.rules)
2807669 - ETPRO TROJAN Infostealer.Jackpos Checkin 2 (trojan.rules)
[///] Modified active rules: [///] 2018041 - ET CURRENT_EVENTS Current Asprox Spam Campaign (current_events.rules)
2018086 - ET CURRENT_EVENTS Possible malicious zipped-executable (current_events.rules)
[---] Removed rules: [---] 2014844 - ET TROJAN Probable Golfhole exploit kit landing page #2 (trojan.rules)
2014845 - ET TROJAN Probable Golfhole exploit kit binary download #2 (trojan.rules)
2804783 - ETPRO TROJAN Win32.Sality.bh Checkin (trojan.rules)
2806103 - ETPRO TROJAN Trojan-Dropper.Win32.Dapato.cblv Checkin (trojan.rules)
2807174 - ETPRO TROJAN Trojan/Win32.FraudPack User-Agent (Downloader MLR 1.0.0) (trojan.rules)
2807524 - ETPRO TROJAN Win32.Blackbeard Downloader (trojan.rules)
Date: 
Tuesday, February 11, 2014 - 22:00