[***] Summary: [***] 11 new Open signatures, 21 new Pro (11 + 10). Various Android, Ursnif, Twiki RCE, Neverquest. Thanks: Seth Elo, vlintelligence, John Babio, Jake Warren and @rmkml. [+++] Added rules: [+++] Open: 2019376 - ET CURRENT_EVENTS Napolar SSL Cert Oct 9 2014 (current_events.rules)
2019377 - ET TROJAN Win32/Ursnif Checkin (trojan.rules)
2019378 - ET TROJAN Win32/PSW.Papras.CK Checkin (trojan.rules)
2019379 - ET TROJAN Win32/PSW.Papras.CK file upload (trojan.rules)
2019380 - ET TROJAN Gozi/Ursnif/Papras Connectivity Check (trojan.rules)
2019381 - ET TROJAN Win32/Ursnif Connectivity Check (trojan.rules)
2019382 - ET CURRENT_EVENTS Win32/Zbot SSL Cert Oct 9 2014 (current_events.rules)
2019383 - ET POLICY gogo6/Freenet6 Authentication Attempt (policy.rules)
2019384 - ET TROJAN Neverquest Request URI Struct (trojan.rules)
2019385 - ET CURRENT_EVENTS Possible TWiki RCE attempt (current_events.rules)
2019386 - ET CURRENT_EVENTS Possible TWiki Apache config file upload attempt (current_events.rules) Pro: 2808959 - ETPRO DOS Unknown (hello) (dos.rules)
2808960 - ETPRO MOBILE_MALWARE Android.Monitor.Pdaspy.A Checkin (mobile_malware.rules)
2808961 - ETPRO TROJAN Mal/Emogen-R Checkin (trojan.rules)
2808962 - ETPRO MOBILE_MALWARE Android/Pholoc.C Checkin (mobile_malware.rules)
2808963 - ETPRO MOBILE_MALWARE Android/Pholoc.C Checkin 2 (mobile_malware.rules)
2808964 - ETPRO POLICY what-is-my-ip.net IP Check (policy.rules)
2808965 - ETPRO TROJAN Win32/Bronzestatuen Checkin (trojan.rules)
2808966 - ETPRO MOBILE_MALWARE Android.Monitor.Spy2mobile.A Checkin (mobile_malware.rules)
2808967 - ETPRO MOBILE_MALWARE Android/Spyinfo.A Checkin (mobile_malware.rules)
2808968 - ETPRO MOBILE_MALWARE Android/Spyinfo.A Checkin 2 (mobile_malware.rules)
[///] Modified active rules: [///] 2000596 - ET MALWARE Gator/Claria Data Submission (malware.rules)
2002858 - ET MALWARE Fun Web Products StationaryChooser Spyware (malware.rules)
2018336 - ET TROJAN Asprox Fake Ximian Evolution X-Mailer Header (XimianEvolution1.4.6) (trojan.rules)
2019286 - ET TROJAN Job314 EK Payload Checkin (trojan.rules)
2019365 - ET WEB_SPECIFIC_APPS Bugzilla token.cgi HPP e-mail validation bypass Attempt Client Body (web_specific_apps.rules)
2019375 - ET CURRENT_EVENTS Possible Sweet Orange redirection Oct 8 2014 (current_events.rules)
2806675 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Antammi.a Checkin (mobile_malware.rules)
2807930 - ETPRO TROJAN Win32.Boaxxe Trojan Checkin (trojan.rules)
2808102 - ETPRO MOBILE_MALWARE Android/Uten.A Checkin (mobile_malware.rules)
2808944 - ETPRO TROJAN Win32/Comame Checkin (trojan.rules)
[---] Removed rules: [---] 2007865 - ET MALWARE Winreanimator.com Fake AV Install Attempt (malware.rules)
2019351 - ET CURRENT_EVENTS Possible Sweet Orange Secondary Landing (current_events.rules)
2019356 - ET TROJAN W32/SpyClicker.ClickFraud Click CnC Beacon (trojan.rules)
2803297 - ETPRO TROJAN Win32/Hupigon.FI Checkin (trojan.rules)
2805454 - ETPRO TROJAN BackDoor.Pigeon.45938/Hupigon Checkin (trojan.rules)
2805457 - ETPRO TROJAN Backdoor.Win32.Hupigon.BV Checkin (trojan.rules)
2807443 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Svpeng.a Checkin (mobile_malware.rules)
2808397 - ETPRO TROJAN Gozi/Ursnif/Papras Connectivity Check (trojan.rules)
2808537 - ETPRO TROJAN Win32/PSW.Papras.CK file upload (trojan.rules)
2808547 - ETPRO TROJAN Win32/Ursnif Connectivity Check (trojan.rules)
2808578 - ETPRO TROJAN Win32/PSW.Papras.CK Checkin (trojan.rules)
Date: 
Wednesday, October 8, 2014 - 22:00