[***] Summary: [***] 5 new Open signatures, 19 new Pro (5+14). W32/Symmi, HP Data Protector RCE, Unrecom backdoor. Thanks, Kevin Ross and @rmkml. [+++] Added rules: [+++] Open: 2019390 - ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 1 (trojan.rules)
2019391 - ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 2 (trojan.rules)
2019392 - ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 3 (trojan.rules)
2019393 - ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 4 (trojan.rules)
2019394 - ET TROJAN W32/Symmi.23950 Dropper CnC Beacon 5 (trojan.rules) Pro: 2808972 - ETPRO TROJAN Win32/Ardamax CnC Via FTP (trojan.rules)
2808973 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.bo Checkin (mobile_malware.rules)
2808974 - ETPRO TROJAN Jaik Variant Checkin (trojan.rules)
2808975 - ETPRO TROJAN TrojanSpy.Win32/NetPass Checkin via SMTP (trojan.rules)
2808976 - ETPRO TROJAN Win32/PerfectKeylogger Variant Storing Keystrokes Via FTP (trojan.rules)
2808977 - ETPRO POLICY howtofindmyipaddress.com IP Check (policy.rules)
2808978 - ETPRO MOBILE_MALWARE Android/Selfmite.A Checkin 2 (mobile_malware.rules)
2808979 - ETPRO TROJAN Backdoor.Unrecom authentication (SHA1 of XXXX) (trojan.rules)
2808980 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (Unicode UTF-16 Big Endian) Windows (exploit.rules)
2808981 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (Unicode UTF-16 Little Endian) Windows (exploit.rules)
2808982 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (Unicode UTF-16 Big Endian) Linux (exploit.rules)
2808983 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (Unicode UTF-16 Little Endian) Linux (exploit.rules)
2808984 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (ASCII) Windows (exploit.rules)
2808985 - ETPRO EXPLOIT HP Data Protector EXEC_INTEGUTIL RCE (ASCII) Linux (exploit.rules)
[///] Modified active rules: [///] 2807353 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.dn Checkin (mobile_malware.rules)
Date: 
Sunday, October 12, 2014 - 22:00