[***] Summary: [***] 3 new Open signatures, 6 new Pro (3 + 3). Postfix CVE-2014-6271, FlashPlayer CVE-2014-0551. Thanks: Jake Warren, bunk3m, @rmkml, @abuse_ch. [+++] Added rules: [+++] Open: 2019387 - ET POLICY SSL Certificate IRC GEEKS Likely Encrypted IRC or CnC (policy.rules)
2019388 - ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)
2019389 - ET EXPLOIT Possible Postfix CVE-2014-6271 attempt (exploit.rules) Pro 2808969 - ETPRO WEB_CLIENT Possible FlashPlayer CVE-2014-0551 (web_client.rules)
2808970 - ETPRO MOBILE_MALWARE Android/Spy.Kasandra.B Checkin (mobile_malware.rules)
2808971 - ETPRO MOBILE_MALWARE Backdoor.AndroidOS.Carej.b Checkin 2 (mobile_malware.rules)
[///] Modified active rules: [///]
2008550 - ET TROJAN Trojan.Win32.Buzus Checkin (trojan.rules)
2808941 - ETPRO TROJAN Win32/Spy.Bancos.ACW Checkin (trojan.rules)
2018719 - ET TROJAN ABUSE.CH SSL Fingerprint Blacklist Malicious SSL certificate detected (KINS C2) (trojan.rules)
2019365 - ET WEB_SPECIFIC_APPS Bugzilla token.cgi HPP e-mail validation bypass Attempt Client Body (web_specific_apps.rules)
2019384 - ET TROJAN Neverquest Request URI Struct (trojan.rules)
[---] Removed rules: [---] 2018328 - ET TROJAN Win32/Kryptik.AZER C2 SSL Stolen Cert (trojan.rules)
2803912 - ETPRO POLICY SSL Certificate IRC GEEKS Likely Encrypted IRC or CnC (policy.rules)
Date: 
Thursday, October 9, 2014 - 22:00