Daily Ruleset Update Summary 2017/02/10

[***] Summary: [***]

1 new Open signature, 18 new Pro (1 + 17). Cerber, Secapk, NanoCore, Locker.Q.

[+++]          Added rules:          [+++]

Open:

2023892 - ET INFO MP4 in HTTP Flowbit Set M2 (info.rules)

Pro:

2824877 - ETPRO MOBILE_MALWARE PUA Android/Secapk.E Checkin (mobile_malware.rules)
2824878 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Contacts Exfil via SMTP 3 (mobile_malware.rules)
2824879 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.dj Contacts Exfil via SMTP 4 (mobile_malware.rules)
2824880 - ETPRO MOBILE_MALWARE Android.Trojan.SMSSend.QA CnC Beacon (mobile_malware.rules)
2824881 - ETPRO TROJAN NanoCore RAT CnC 24 (trojan.rules)
2824882 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Agent.ar Checkin (mobile_malware.rules)
2824883 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules)
2824884 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules)
2824885 - ETPRO MOBILE_MALWARE Android/Locker.Q DNS Lookup (mobile_malware.rules)
2824886 - ETPRO TROJAN DNS Query to Cerber Domain (1fqwek . top) (trojan.rules)
2824887 - ETPRO TROJAN DNS Query to Cerber Domain (1bj4k9 . top) (trojan.rules)
2824888 - ETPRO TROJAN DNS Query to Cerber Domain (1dz7gk . top) (trojan.rules)
2824889 - ETPRO TROJAN DNS Query to Cerber Domain (1l4zyd . top) (trojan.rules)
2824890 - ETPRO TROJAN DNS Query to Cerber Domain (1d8m97 . top) (trojan.rules)
2824891 - ETPRO TROJAN DNS Query to Cerber Domain (1h23cc . top) (trojan.rules)
2824892 - ETPRO TROJAN DNS Query to Cerber Domain (1bvadx . top) (trojan.rules)
2824893 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-02-10 1) (trojan.rules)

[///]     Modified active rules:     [///]

2023713 - ET INFO MP4 in HTTP Flowbit Set (info.rules)
2809636 - ETPRO MOBILE_MALWARE Android/Locker.Q Checkin (mobile_malware.rules)

[---]  Disabled and modified rules:  [---]

2824841 - ETPRO WEB_SERVER Expression Engine CMS Type Juggling Exploit Attempt (web_server.rules)
 

Date: 
Friday, February 10, 2017 - 00:00