[***] Summary: [***]

3 new Open signatures, 15 new Pro (3+12). CyberGate RAT, Lightmoon.H, XShell RAT, Various Android.

Thanks: Kevin Ross.

[+++] Added rules: [+++]

Open:

2018659 - ET TROJAN CyberGate RAT Checkin (trojan.rules)
2018660 - ET TROJAN CyberGate RAT User-Agent (USER_CHECK) (trojan.rules)
2018661 - ET TROJAN Win32/Zemot Config Download (trojan.rules)

Pro:

2808306 - ETPRO TROJAN Virus.Win32.Virut.ce Checkin 7 (trojan.rules)
2808307 - ETPRO TROJAN Win32/Lightmoon.H spreading via SMTP (trojan.rules)
2808308 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Elpso.a Checkin (mobile_malware.rules)
2808309 - ETPRO TROJAN Win32/Beaugrit.gen!AAA Checkin (trojan.rules)
2808310 - ETPRO TROJAN Win32/Tesyong.A CnC (OUTBOUND) (trojan.rules)
2808311 - ETPRO MOBILE_MALWARE Android/Hyspu.A Checkin (mobile_malware.rules)
2808312 - ETPRO TROJAN Win32/Meac.A CnC (OUTBOUND) (trojan.rules)
2808313 - ETPRO TROJAN Win32.Tavex.A Checkin 2 (trojan.rules)
2808314 - ETPRO TROJAN Win32.Tavex.A Checkin 1 (trojan.rules)
2808315 - ETPRO MALWARE Adware.Kraddare.V Checkin (malware.rules)
2808316 - ETPRO TROJAN XShell RAT (trojan.rules)
2808317 - ETPRO MALWARE Adware.StartPage.AUB (malware.rules)

[///] Modified active rules: [///]

2018545 - ET CURRENT_EVENTS CottonCastle EK Jar Download Method 2 (current_events.rules)
2805629 - ETPRO POLICY TornTV data download starter (policy.rules)
2806668 - ETPRO TROJAN Win32.Jorik.Agent.mi 3 (trojan.rules)
2808078 - ETPRO TROJAN Win32/Webprefix Checkin (trojan.rules)
2808300 - ETPRO WEB_CLIENT Possible Internet Explorer Vulnerability CVE-2014-2797 (web_client.rules)

[---] Removed rules: [---]

2808291 - ETPRO MALWARE Win32/Illyx.A Checkin (malware.rules)
Date: 
Tuesday, July 8, 2014 - 22:00