[***] Summary: [***] 1 new Open signature, 10 new Pro (1 + 9). Dyre, Operation Cleaver, Angler EK, Win32.Infostealer. [+++] Added rules: [+++] Open: 2019875 - ET CURRENT_EVENTS Possible Dyre SSL Cert Dec 4 2014 (current_events.rules) Pro: 2809276 - ETPRO TROJAN W32/TinyZBot v1 Checkin (Operation Cleaver) (trojan.rules)
2809277 - ETPRO MALWARE PUA.Kuping Checkin (malware.rules)
2809278 - ETPRO MALWARE Win32/Adware.Adpeak.Q Checkin (malware.rules)
2809279 - ETPRO MALWARE PUA Win32/ShopperPro.A Checkin (malware.rules)
2809280 - ETPRO TROJAN Win32.Infostealer.Compfolder Checkin (trojan.rules)
2809282 - ETPRO TROJAN Wauchos.AO/Andromeda Checkin 2 (trojan.rules)
2809283 - ETPRO CURRENT_EVENTS DRIVEBY Angler EK Landing M1 Dec 03 (current_events.rules)
2809284 - ETPRO CURRENT_EVENTS DRIVEBY Angler EK Landing M2 Dec 03 (current_events.rules)
2809285 - ETPRO CURRENT_EVENTS DRIVEBY Angler EK Landing M3 Dec 03 (current_events.rules)
[///] Modified active rules: [///] 2010494 - ET SCAN Multiple MySQL Login Failures, Possible Brute Force Attempt (scan.rules)
2019829 - ET TROJAN W32/Fin4.InfoStealer Uploading User Credentials CnC Beacon (trojan.rules)
2019833 - ET TROJAN Possible Dyre SSL Cert (fake state) (trojan.rules)
2808348 - ETPRO MOBILE_MALWARE Android.Trojan.Voxv.A Checkin (mobile_malware.rules)
[---] Removed rules: [---] 2016058 - ET CURRENT_EVENTS CoolEK - New PDF Exploit - Dec 18 2012 (current_events.rules)
Date: 
Wednesday, December 3, 2014 - 22:00