[***] Summary: [***] 10 new Open signatures, 24 new Pro (10 + 14). CoolReaper, SoakSoak, Spy.Banker.AAXV. Thanks: Nathan Fowler, Kevin Ross, @rmkml and @abuse_ch [+++] Added rules: [+++] Open: 2019957 - ET WEB_SERVER Generic PHP Remote File Include (web_server.rules)
2019958 - ET MOBILE_MALWARE CoolReaper CnC Beacon 1 (mobile_malware.rules)
2019959 - ET MOBILE_MALWARE CoolReaper CnC Beacon 2 (mobile_malware.rules)
2019960 - ET MOBILE_MALWARE CoolReaper User-Agent (mobile_malware.rules)
2019961 - ET TROJAN Win32/Spy.Banker.AAXV Retrieving key from Pinterest (trojan.rules)
2019962 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (KINS CnC) (trojan.rules)
2019963 - ET SCAN Acunetix Accept HTTP Header detected scan in progress (scan.rules)
2019964 - ET TROJAN Win32.Backdoor checkin (trojan.rules)
2019965 - ET TROJAN FinancialStatement Keylogger POSTing keystrokes (trojan.rules)
2019966 - ET TROJAN Win32/Poweliks.A Checkin 2 (trojan.rules) Pro: 2809349 - ETPRO WEB_SPECIFIC_APPS Download Manager WP Plugin Arbitrary File Upload 2 (web_specific_apps.rules)
2809350 - ETPRO WEB_SPECIFIC_APPS Symposium WP Plugin Arbitrary File Upload (web_specific_apps.rules)
2809351 - ETPRO TROJAN Win32/Ratosto.A Checkin (trojan.rules)
2809352 - ETPRO TROJAN Win32/ChkBot.A IRC Checkin (trojan.rules)
2809353 - ETPRO WEB_SPECIFIC_APPS Download Manager WP Plugin RCE Attempt (web_specific_apps.rules)
2809354 - ETPRO TROJAN SoakSoak Malware Checkin (trojan.rules)
2809355 - ETPRO TROJAN Backdoor.Win32.Speccom.A Checkin (trojan.rules)
2809356 - ETPRO TROJAN Win32/Locker.Nikifer Checkin (trojan.rules)
2809357 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.b Checkin 2 (mobile_malware.rules)
2809358 - ETPRO TROJAN Win32/Injector.BRLE Checkin (trojan.rules)
2809359 - ETPRO TROJAN Win32/Injector.BRLE Checkin Response - Fake Internal Server Error (trojan.rules)
2809360 - ETPRO TROJAN Win32.Staser.aqkw Checkin (trojan.rules)
2809361 - ETPRO POLICY Win32/RemoteAdmin.RemoteUtilities XML Checkin (policy.rules)
2809362 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.f Checkin (mobile_malware.rules)
[///] Modified active rules: [///] 2019193 - ET CURRENT_EVENTS RIG EK Landing Page Sept 17 2014 (current_events.rules)
2019939 - ET CURRENT_EVENTS SoakSoak Malware GET request (current_events.rules)
2805646 - ETPRO TROJAN Backdoor.Win32.Bezigate Checkin (trojan.rules)
[---] Removed rules: [---] 2002385 - ET TROJAN IRC channel topic reptile commands (trojan.rules)
2807684 - ETPRO TROJAN Trojan.Agent.AIXD Checkin (trojan.rules)
2808731 - ETPRO TROJAN Win32.QQPass.abvu Retrieving key from Pinterest (trojan.rules)
Date: 
Tuesday, December 16, 2014 - 22:00