[***] Summary: [***] 15 new Open signatures, 19 new Pro (15+4). D-Link IP Camera vuln, Magnitude, CVE-2014-6332, BlackUnix Shellbot. Thanks: Kevin Ross, @abuse_ch. [+++] Added rules: [+++] Open: 2019798 - ET CURRENT_EVENTS Malicious Iframe Leading to EK (current_events.rules)
2019799 - ET CURRENT_EVENTS Magnitude Flash Exploit (IE) (current_events.rules)
2019800 - ET CURRENT_EVENTS Magnitude Flash Payload (current_events.rules)
2019801 - ET EXPLOIT D-Link IP Camera Vulnerable HTTP Request (CVE-2013-1599) (exploit.rules)
2019802 - ET EXPLOIT D-Link IP Camera Vulnerable HTTP Request (CVE-2013-1600) (exploit.rules)
2019803 - ET EXPLOIT D-Link IP Camera Vulnerable HTTP Request (CVE-2013-1601) (exploit.rules)
2019804 - ET WEB_SERVER PHP.//Input in HTTP POST (web_server.rules)
2019805 - ET MOBILE_MALWARE Android.Stealthgenie Checkin (mobile_malware.rules)
2019806 - ET CURRENT_EVENTS Possible Internet Explorer CVE-2014-6332 Common Construct (Reversed) (current_events.rules)
2019807 - ET CURRENT_EVENTS KaiXin Landing Page Nov 25 2014 (current_events.rules)
2019808 - ET TROJAN W32/DoubleTap.APT Downloader CnC Beacon (trojan.rules)
2019809 - ET TROJAN W32/DoubleTap.APT Downloader Socks5 Setup Request (trojan.rules)
2019810 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC) (trojan.rules)
2019811 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)
2019812 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dyre CnC) (trojan.rules) Pro: 2809242 - ETPRO TROJAN Linux/BlackUnix Shellbot Checkin via IRC (trojan.rules)
2809245 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.FakeDebugger Checkin (mobile_malware.rules)
2809246 - ETPRO TROJAN Backdoor.Preft Checkin (trojan.rules)
2809247 - ETPRO TROJAN WIN32/ELVATKA.A Checkin (trojan.rules)
[///] Modified active rules: [///] 2014726 - ET POLICY Outdated Windows Flash Version IE (policy.rules)
2014727 - ET POLICY Outdated Mac Flash Version (policy.rules)
2019763 - ET CURRENT_EVENTS Job314/Neutrino Reboot EK Flash Exploit Nov 20 2014 (current_events.rules)
Date: 
Monday, November 24, 2014 - 22:00