[***] Summary: [***] 2 new Open rules, 19 new Pro (2+17). Cryptowall, Cisco ASA vulns, Various Android. Thanks: Kevin Ross and @rmkml. [+++] Added rules: [+++] Open: 2019485 - ET CURRENT_EVENTS Win32/Zbot SSL Cert Oct 21 2014 (current_events.rules)
2019486 - ET TROJAN Possible IRC Bot Common PRIVMSG Commands (trojan.rules) Pro: 2809030 - ETPRO TROJAN Possibly Malicious DNS TXT Response Contains URL (trojan.rules)
2809031 - ETPRO TROJAN Win32.Cryptolocker.cg SSL Cert (trojan.rules)
2809032 - ETPRO MOBILE_MALWARE Android/LoveTrap.A Checkin 3 (mobile_malware.rules)
2809033 - ETPRO MALWARE PUP Win32/Bundled.Toolbar.Ask.K Retrieving Geolocation (malware.rules)
2809036 - ETPRO EXPLOIT Possible Cisco Standby FailoverExec Exploit Attempt (exploit.rules)
2809037 - ETPRO EXPLOIT Possible Cisco Standby ConfigSync Exploit Attempt (exploit.rules)
2809038 - ETPRO MALWARE PUP Win32/SpeedingUpMyPC Checkin (malware.rules)
2809039 - ETPRO WEB_SPECIFIC_APPS Rejetto HttpFileServer RCE Check (web_specific_apps.rules)
2809040 - ETPRO TROJAN Win32/Vasdek Checkin (trojan.rules)
2809041 - ETPRO TROJAN Win32/CoinMiner.SO .exe download (trojan.rules)
2809042 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.HTML unicode) (trojan.rules)
2809043 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.HTML ascii) (trojan.rules)
2809044 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.TXT unicode) (trojan.rules)
2809045 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.HTML ascii) (trojan.rules)
2809046 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.URL unicode) (trojan.rules)
2809047 - ETPRO TROJAN Possible Cryptowall Infection in Windows Roaming Profile (DECRYPT_INSTRUCTION.URL ascii) (trojan.rules)
2809048 - ETPRO MOBILE_MALWARE Android/OpFakeCL.A Checkin (mobile_malware.rules)
[///] Modified active rules: [///] 2019471 - ET TROJAN Possible IRCBot.DDOS Common Commands (trojan.rules)
2019479 - ET CURRENT_EVENTS Job314 EK URI Exploit/Payload Struct (current_events.rules)
[---] Disabled and modified rules: [---] 2019417 - ET CURRENT_EVENTS excessive fatal alerts (possible POODLE attack against client) (current_events.rules)
[---] Removed rules: [---] 2808587 - ETPRO TROJAN Win32/CoinMiner.SO .exe download (trojan.rules)
2808706 - ETPRO TROJAN Win32/CoinMiner.SO .exe download 2 (trojan.rules)
Date: 
Monday, October 20, 2014 - 22:00