[***] Summary: [***]

15 new Open signatures, 18 new Pro. Archie EK, Fiesta EK, Dyre.

Thanks: Kevin Ross, Jake Warren, @EKWatcher, @abuse_ch.

[+++] Added rules: [+++]

Open:

2019644 - ET TROJAN Shellshock Backdoor.Perl.Shellbot.F retrieval (trojan.rules)
2019645 - ET TROJAN Bedep SSL Cert (trojan.rules)
2019646 - ET TROJAN Bedep SSL Cert (trojan.rules)
2019648 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC) (trojan.rules)
2019649 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC) (trojan.rules)
2019650 - ET TROJAN Possible Malicious Attachment With Double Extension Ending In EXE (trojan.rules)
2019651 - ET CURRENT_EVENTS Possible Dyre SSL Cert Nov 05 2014 (current_events.rules)
2019652 - ET CURRENT_EVENTS Win32/Trustezeb.E SSL Cert Nov 05 2014 (current_events.rules)
2019653 - ET TROJAN Win32/Spy.Banker.ABCG Checkin (trojan.rules)
2019654 - ET TROJAN Trojan.FakeMS Checkin (trojan.rules)
2019655 - ET CURRENT_EVENTS Fiesta EK Landing Nov 05 2014 (current_events.rules)
2019656 - ET CURRENT_EVENTS Archie EK Exploit Flash URI Struct (current_events.rules)
2019657 - ET CURRENT_EVENTS Archie EK Exploit Flash URI Struct (current_events.rules)
2019658 - ET CURRENT_EVENTS Archie EK Exploit SilverLight URI Struct (current_events.rules)
2019659 - ET CURRENT_EVENTS Archie EK Exploit IE URI Struct (current_events.rules)

Pro:

2809125 - ETPRO POLICY Meterpreter PHP Relay In Use (hop.php) (policy.rules)
2809126 - ETPRO TROJAN Win32.Yakes Variant Checkin (trojan.rules)
2809127 - ETPRO MALWARE PUP.3lsoft Checkin (malware.rules)
[///] Modified active rules: [///]

2016757 - ET TROJAN W32/Nymaim Checkin (2) (trojan.rules)
2019115 - ET TROJAN W32/Waterspout.APT Backdoor CnC Beacon (trojan.rules)
2808141 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.u Checkin 3 (mobile_malware.rules)
[---] Removed rules: [---]

2008126 - ET ACTIVEX IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method (activex.rules)
2800699 - ETPRO WEB_CLIENT Apple QuickTime BMP File Handling Heap Overflow (web_client.rules)
2807711 - ETPRO TROJAN Trojan.FakeMS Checkin (trojan.rules)
2809031 - ETPRO TROJAN Torrentlocker SSL Cert (trojan.rules)
2809123 - ETPRO TROJAN Backdoor.Win32.Waterspout.A Checkin (trojan.rules)

Date:
Summary title:
15 new Open signatures, 18 new Pro. Archie EK, Fiesta EK, Dyre.