[***] Summary: [***] 15 new Open signatures, 22 new Pro (15 + 7). Gootkit, Cloud Atlas, HanJuan, Jaik. Thanks: @kafeine, @jaimeblascob, @EKWatcher and @abuse_ch. [+++] Added rules: [+++] 2019904 - ET CURRENT_EVENTS QNAP Shellshock CVE-2014-6271 (current_events.rules)
2019905 - ET CURRENT_EVENTS QNAP Shellshock script retrieval (current_events.rules)
2019906 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Cridex CnC) (trojan.rules)
2019907 - ET CURRENT_EVENTS Gootkit SSL Cert Dec 10 2014 (current_events.rules)
2019908 - ET CURRENT_EVENTS Evil Flash Redirector to Job314/Neutrino Reboot EK (current_events.rules)
2019909 - ET TROJAN Win32/Teerac.A Tor Based Locker .onion Proxy Domain (trojan.rules)
2019910 - ET TROJAN DNS Query for Cloud Atlas haarmannsi.cz (trojan.rules)
2019911 - ET TROJAN DNS Query for Cloud Atlas sanygroup.co.uk (trojan.rules)
2019912 - ET TROJAN DNS Query for Cloud Atlas ecolines.es (trojan.rules)
2019913 - ET TROJAN DNS Query for Cloud Atlas blackberry-support.herokuapp.com (trojan.rules)
2019914 - ET POLICY HTTP Request to WebDAV CloudMe Service (policy.rules)
2019915 - ET TROJAN Cloud Atlas Request to WebDAV CloudMe (trojan.rules)
2019916 - ET CURRENT_EVENTS HanJuan Landing Dec 10 2014 (current_events.rules)
2019917 - ET CURRENT_EVENTS Nuclear EK SilverLight Exploit (current_events.rules)
2019918 - ET TROJAN Win32/Teerac.A SSL Cert (trojan.rules) Pro: 2809320 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ef Checkin (mobile_malware.rules)
2809321 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Agent.ef Checkin 2 (mobile_malware.rules)
2809322 - ETPRO TROJAN Jaik Variant Checkin Response (trojan.rules)
2809323 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Agent.u Checkin (mobile_malware.rules)
2809324 - ETPRO TROJAN Zusy Variant Checkin (trojan.rules)
2809325 - ETPRO TROJAN Win32/Bagle.L Checkin (trojan.rules)
2809326 - ETPRO TROJAN INFOSTEALER.COMPFOLDER sending stolen files (trojan.rules)
[///] Modified active rules: [///] 2019829 - ET TROJAN W32/Fin4.InfoStealer Uploading User Credentials CnC Beacon (trojan.rules)
2019844 - ET CURRENT_EVENTS DRIVEBY Nuclear EK Exploit Struct (current_events.rules)
2019845 - ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF (current_events.rules)
2019846 - ET CURRENT_EVENTS DRIVEBY Nuclear EK SWF (current_events.rules)
2019872 - ET CURRENT_EVENTS DRIVEBY Nuclear EK Payload (flowbits set) (current_events.rules)
2805446 - ETPRO TROJAN Win32/Recslurp.A Checkin (trojan.rules)
2807981 - ETPRO MOBILE_MALWARE Android/TrojanSMS.Feejar.D Checkin (mobile_malware.rules)
2808974 - ETPRO TROJAN Jaik Variant Checkin (trojan.rules)
2809018 - ETPRO TROJAN W32/Cryrar CnC (trojan.rules)
Date: 
Tuesday, December 9, 2014 - 22:00