[***] Summary: [***]

32 new Open signatures 36 new Pro (32 + 4). CVE-2014-6271, Arris Cable Modem Backdoor, Android.Trojan.Magwei.A, W32/Banker.

Please note that the generic HTTP URLENCODE sids 2019244 - 2019273 are disabled by default.

[+++] Added rules: [+++]

2019241 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 3 (web_server.rules)
2019243 - ET TROJAN Infostealer.Boleteiro checking stoled boleto payment information (trojan.rules)
2019244 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 1 (web_server.rules)
2019245 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 2 (web_server.rules)
2019246 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 3 (web_server.rules)
2019247 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 4 (web_server.rules)
2019248 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 5 (web_server.rules)
2019249 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 6 (web_server.rules)
2019250 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 7 (web_server.rules)
2019251 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 8 (web_server.rules)
2019252 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 9 (web_server.rules)
2019253 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 10 (web_server.rules)
2019254 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 11 (web_server.rules)
2019255 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 12 (web_server.rules)
2019256 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 13 (web_server.rules)
2019257 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 14 (web_server.rules)
2019258 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 15 (web_server.rules)
2019259 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 16 (web_server.rules)
2019260 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 17 (web_server.rules)
2019261 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 18 (web_server.rules)
2019262 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 19 (web_server.rules)
2019263 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 20 (web_server.rules)
2019264 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 21 (web_server.rules)
2019265 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 22 (web_server.rules)
2019266 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 23 (web_server.rules)
2019267 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 24 (web_server.rules)
2019268 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 25 (web_server.rules)
2019269 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 26 (web_server.rules)
2019270 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 27 (web_server.rules)
2019271 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 28 (web_server.rules)
2019272 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 29 (web_server.rules)
2019273 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 30 (web_server.rules)

Pro:

2808892 - ETPRO EXPLOIT Arris Cable Modem Backdoor GET request (exploit.rules)
2808893 - ETPRO TROJAN W32/Banker.AAUS!tr.spy Checkin (trojan.rules)
2808894 - ETPRO MOBILE_MALWARE Android.Trojan.Magwei.A Checkin (mobile_malware.rules)
2808895 - ETPRO MOBILE_MALWARE Android.Trojan.Magwei.A Checkin 2 (mobile_malware.rules)

[///] Modified active rules: [///]

2019234 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 2 (web_server.rules)
2019237 - ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious DHCP ACK (exploit.rules)
2808178 - ETPRO MOBILE_MALWARE Android.Monitor.Spyera.A Checkin (mobile_malware.rules)

[---] Removed rules: [---]

2019238 - ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious DHCP ACK - option 67 (exploit.rules)
Date: 
Wednesday, September 24, 2014 - 22:00