[***] Summary: [***]

8 new Open signatures, 14 new Pro (8+6). Dyre, CVE-2014-6271, Flashpack, Bredolap/Rebhip/Bifrose, Win32.TrojanDropper.

Thanks: @EKwatcher and @kafeine.

[+++] Added rules: [+++]   

Open:

2019318 - ET MOBILE_MALWARE Android/Code4hk.A Checkin (mobile_malware.rules)
2019319 - ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 30 2014 (current_events.rules)
2019320 - ET CURRENT_EVENTS Possible Dyre SSL Cert Sept 30 2014 (current_events.rules)
2019321 - ET CURRENT_EVENTS Upatre redirector 29 Sept 2014 - POST (current_events.rules)
2019322 - ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt (exploit.rules)
2019323 - ET EXPLOIT Possible OpenVPN CVE-2014-6271 attempt (exploit.rules)
2019324 - ET CURRENT_EVENTS suspicious embedded zip file in web page (current_events.rules)
2019325 - ET CURRENT_EVENTS Flashpack Redirect Method 3 (current_events.rules)

Pro:

2808915 - ETPRO TROJAN Trojan.FakeAlert.CAF Checkin (trojan.rules)
2808916 - ETPRO TROJAN Bredolap/Rebhip/Bifrose Checkin 2 (trojan.rules)
2808918 - ETPRO MOBILE_MALWARE Android/SMSreg.BI Checkin (mobile_malware.rules)
2808920 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.mj Checkin (mobile_malware.rules)
2808921 - ETPRO TROJAN DDoS.XOR Checkin (trojan.rules)
2808922 - ETPRO TROJAN Win32.TrojanDropper.Startpage.klpp Checkin (trojan.rules)

[///] Modified active rules: [///]

2003437 - ET P2P Ares over UDP (p2p.rules)
2019134 - ET CURRENT_EVENTS Flashpack Redirect Method 2 (current_events.rules)
2808536 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Recal.a Checkin (mobile_malware.rules)
2808800 - ETPRO TROJAN Win32.Llac.bbeh downloading files (trojan.rules)

[---] Removed rules: [---]

2007975 - ET TROJAN Common Downloader Trojan Checkin (trojan.rules)
2008344 - ET TROJAN Suspicious User-Agent (DownloadNetFile) (trojan.rules)
Date: 
Monday, September 29, 2014 - 22:00