[***] Summary: [***] 9 new Open signatures, 16 new Pro (9+7). SweetOrange EK, CryptoBot, HB_Banker16, Win32/Ropest. Thanks: Nathan Fowler and @abuse_ch. [+++] Added rules: [+++] Open: 2019600 - ET CURRENT_EVENTS Likely SweetOrange EK Java Exploit Struct (JNLP) (current_events.rules)
2019601 - ET TROJAN Backdoor.Win32.PcClient.bal CnC (OUTBOUND) 4 (trojan.rules)
2019602 - ET TROJAN Backdoor family PCRat/Gh0st CnC traffic (OUTBOUND) 43 (trojan.rules)
2019603 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2) (trojan.rules)
2019604 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS C2) (trojan.rules)
2019605 - ET CURRENT_EVENTS Win32/Trustezeb.J SSL Cert Oct 30 2014 (current_events.rules)
2019606 - ET TROJAN Poweliks Abnormal HTTP Headers, high likelihood of Poweliks infection (trojan.rules)
2019607 - ET TROJAN CryptoBot Downloading Files (trojan.rules)
2019608 - ET TROJAN HB_Banker16 Get (trojan.rules) Pro: 2809094 - ETPRO TROJAN Win32/Ropest.H CnC - INBOUND set (trojan.rules)
2809095 - ETPRO TROJAN Win32/Ropest.H CnC - INBOUND (trojan.rules)
2809096 - ETPRO TROJAN Win32/Derusbi.A Checkin (trojan.rules)
2809097 - ETPRO POLICY Xunlei P2P Checkin (policy.rules)
2809098 - ETPRO MOBILE_MALWARE Android/TheftSpy.C Checkin 2 (mobile_malware.rules)
2809099 - ETPRO TROJAN Trojan.Win32.KillProc.dfwkin DNS TXT Checkin Response (trojan.rules)
2809100 - ETPRO TROJAN Win32/Keylogger.CI CnC) (trojan.rules)
[///] Modified active rules: [///] 2019513 - ET CURRENT_EVENTS Angler EK Flash Exploit URI Struct (current_events.rules)
2019514 - ET CURRENT_EVENTS Angler EK Java Exploit URI Struct (current_events.rules)
2019542 - ET CURRENT_EVENTS Likely SweetOrange EK Java Exploit Struct (JAR) (current_events.rules)
2019599 - ET CURRENT_EVENTS DRIVEBY FakeSupport - Landing Page - Operating System Check (current_events.rules)
2807040 - ETPRO MOBILE_MALWARE Andr/DroidRt-A Checkin (mobile_malware.rules)
[---] Removed rules: [---] 2019591 - ET TROJAN PoisonIvy Keepalive to CnC (Operation SMN Variant) (trojan.rules)
2805448 - ETPRO TROJAN Win32.Viking.bb Checkin (trojan.rules)
Date: 
Wednesday, October 29, 2014 - 22:00