
Daily Ruleset Update Summary 09/25/2014 – Part Two


[***] Summary: [***]

32 new Open signatures, 36 new Pro (32 + 4). CVE-2014-6271, Arris Cable Modem Backdoor, Android.Trojan.Magwei.A, W32/Banker.

Please note that the generic HTTP URLENCODE sids 2019244 – 2019273 are disabled by default.

[+++] Added rules: [+++]

2019241 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 3 (web_server.rules)
2019243 – ET TROJAN Infostealer.Boleteiro checking stoled boleto payment information (trojan.rules)
2019244 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 1 (web_server.rules)
2019245 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 2 (web_server.rules)
2019246 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 3 (web_server.rules)
2019247 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 4 (web_server.rules)
2019248 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 5 (web_server.rules)
2019249 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 6 (web_server.rules)
2019250 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 7 (web_server.rules)
2019251 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 8 (web_server.rules)
2019252 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 9 (web_server.rules)
2019253 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 10 (web_server.rules)
2019254 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 11 (web_server.rules)
2019255 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 12 (web_server.rules)
2019256 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 13 (web_server.rules)
2019257 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 14 (web_server.rules)
2019258 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 15 (web_server.rules)
2019259 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 16 (web_server.rules)
2019260 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 17 (web_server.rules)
2019261 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 18 (web_server.rules)
2019262 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 19 (web_server.rules)
2019263 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 20 (web_server.rules)
2019264 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 21 (web_server.rules)
2019265 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 22 (web_server.rules)
2019266 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 23 (web_server.rules)
2019267 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 24 (web_server.rules)
2019268 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 25 (web_server.rules)
2019269 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 26 (web_server.rules)
2019270 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 27 (web_server.rules)
2019271 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 28 (web_server.rules)
2019272 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 29 (web_server.rules)
2019273 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 30 (web_server.rules)

Pro:

2808892 – ETPRO EXPLOIT Arris Cable Modem Backdoor GET request (exploit.rules)
2808893 – ETPRO TROJAN W32/Banker.AAUS!tr.spy Checkin (trojan.rules)
2808894 – ETPRO MOBILE_MALWARE Android.Trojan.Magwei.A Checkin (mobile_malware.rules)
2808895 – ETPRO MOBILE_MALWARE Android.Trojan.Magwei.A Checkin 2 (mobile_malware.rules)

[///] Modified active rules: [///]

2019234 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in Client Body 2 (web_server.rules)
2019237 – ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious DHCP ACK (exploit.rules)
2808178 – ETPRO MOBILE_MALWARE Android.Monitor.Spyera.A Checkin (mobile_malware.rules)

[---] Removed rules: [---]

2019238 – ET EXPLOIT Possible CVE-2014-6271 exploit attempt via malicious DHCP ACK – option 67 (exploit.rules)

The post Daily Ruleset Update Summary 09/25/2014 – Part Two appeared first on Emerging Threats.

