[***] Summary: [***]

5 new Open signatures, 18 new Pro (5+13). NewPosThings, Sefnit.R, TROJANCLICKER.MSIL UFONet DDoS activity.

Thanks: Jake Warren.

[+++] Added rules: [+++]

Open:

2019197 - ET TROJAN NewPosThings Checkin (trojan.rules)
2019198 - ET TROJAN NewPosThings Data Exfiltration (trojan.rules)
2019199 - ET TROJAN NewPosThings POST with Fake UA and Accept Header (trojan.rules)
2019200 - ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 19 2014 (current_events.rules)
2019201 - ET TROJAN Backdoor.Win32/PcClient.AA Checkin (trojan.rules)

Pro:

2808848 - ETPRO TROJAN Win32/Sefnit.R Checkin (trojan.rules)
2808849 - ETPRO TROJAN Win32.CFPass.dcb Checkin (trojan.rules)
2808850 - ETPRO TROJAN Troj/Buzus-CZ checkin (trojan.rules)
2808851 - ETPRO TROJAN Win32/Spy.Rehtesyk.A Checkin 1 (trojan.rules)
2808852 - ETPRO TROJAN Win32/Spy.Rehtesyk.A Checkin 2 (trojan.rules)
2808853 - ETPRO TROJAN W32/Banker.GAJ!tr Checkin via SMTP (trojan.rules)
2808854 - ETPRO TROJAN TROJANCLICKER.MSIL/EZBRO.A Checkin (trojan.rules)
2808855 - ETPRO TROJAN TROJANCLICKER.MSIL/EZBRO.A Keep-Alive (trojan.rules)
2808856 - ETPRO WEB_SPECIFIC_APPS Possible UFONet DDoS Participation (web_specific_apps.rules)
2808857 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a Checkin 5 (mobile_malware.rules)
2808858 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.FakeInst.a Response (mobile_malware.rules)
2808859 - ETPRO TROJAN W32/Scribble-B CnC via IRC (trojan.rules)
2808860 - ETPRO TROJAN Win32/Ramnit.A Checkin (trojan.rules)

[///] Modified active rules: [///]

2017505 - ET TROJAN Gh0st Trojan CnC 2 (trojan.rules)
2806414 - ETPRO TROJAN FakeAV-BT Checkin (trojan.rules)
2808721 - ETPRO MOBILE_MALWARE Android/Tekwon.A Checkin 2 (mobile_malware.rules)
Date: 
Thursday, September 18, 2014 - 22:00