[***] Summary: [***] 12 new Open signatures, 19 new Pro (12 + 7). Win32/Htbot.B, Neutrino, CVE-2014-9295. Thanks, Kevin Ross and @kafeine. [+++] Added rules: [+++] Open: 2020084 - ET ATTACK_RESPONSE Microsoft Powershell Banner Outbound (attack_response.rules)
2020085 - ET ATTACK_RESPONSE Microsoft CScript Banner Outbound (attack_response.rules)
2020086 - ET ATTACK_RESPONSE Microsoft WMIC Prompt Outbound (attack_response.rules)
2020087 - ET ATTACK_RESPONSE Microsoft Netsh Firewall Disable Output Outbound (attack_response.rules)
2020088 - ET ATTACK_RESPONSE SysInternals sc.exe Output Outbound (attack_response.rules)
2020089 - ET TROJAN Win32/Htbot.B Checkin (trojan.rules)
2020090 - ET TROJAN Trojan.Generic.5325921 Checkin (trojan.rules)
2020091 - ET CURRENT_EVENTS Cushion Redirection URI Struct Mon Jan 05 2015 (current_events.rules)
2020092 - ET WEB_SPECIFIC_APPS ManageEngine Desktop Central Administrator Account Creation (web_specific_apps.rules)
2020093 - ET TROJAN Neutrino Cookie (trojan.rules)
2020094 - ET TROJAN Neutrino CC dump (trojan.rules)
2020095 - ET TROJAN Steam Stealer (trojan.rules) Pro: 2809435 - ETPRO TROJAN Worm.MSIL.Mafusc.A Checkin (trojan.rules)
2809436 - ETPRO TROJAN GenericKD.2034766 Checkin (trojan.rules)
2809437 - ETPRO EXPLOIT Possible IPv6 spoofed localhost NTP traffic indicator of CVE-2014-9295 exploit attempt (control query) (exploit.rules)
2809438 - ETPRO EXPLOIT Possible IPv6 spoofed localhost NTP traffic indicator of CVE-2014-9295 exploit attempt (private query) (exploit.rules)
2809439 - ETPRO TROJAN Win32/Spy.Agent.ONY CnC Beacon 1 (trojan.rules)
2809440 - ETPRO TROJAN Win32/Spy.Agent.ONY CnC Beacon 2 (trojan.rules)
2809441 - ETPRO TROJAN suspicious User-Agent (crackim) (trojan.rules)
[///] Modified active rules: [///] 2018101 - ET TROJAN W32/Dinwod.Dropper CnC Beacon (trojan.rules)
2018580 - ET TROJAN Neutrino Checkin (trojan.rules)
2019211 - ET TROJAN Neutrino ping (trojan.rules)
2019228 - ET MALWARE Win32/SoftPulse.H Checkin (malware.rules)
[---] Removed rules: [---] 2803717 - ETPRO TROJAN Trojan.Generic.5325921 Checkin (trojan.rules)
2806735 - ETPRO TROJAN Win32/Htbot.B Checkin (trojan.rules)
Date: 
Sunday, January 4, 2015 - 22:00