Daily Ruleset Update Summary 09/24/2014
[***] Summary: [***]10 new Open rules, 17 new Pro (10 + 17). CVE-2014-6271 Bash Vuln, SolarWinds Storage Manager, AutoSMS.BF, Pushdo V3.Thanks: Jake Warren and @jaimeblascob[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 09/25/2014
2 new Open. 8 new Pro (2/6).Added http_cookie vector for the 2014-6271 (tks @inliniac). 2019239 – ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP Cookie (web_server.rules) 2019240 – ET POLICY...
View ArticleDaily Ruleset Update Summary 09/25/2014 – Part Two
[***] Summary: [***]32 new Open signatures 36 new Pro (32 + 4). CVE-2014-6271, Arris Cable Modem Backdoor, Android.Trojan.Magwei.A, W32/Banker.Please note that the generic HTTP URLENCODE sids 2019244 –...
View ArticleDaily Ruleset Update Summary 09/26/2014
[***] Summary: [***]18 new Open signatures, 29 new Pro. More CVE-2014-6271, Dyre, Various Android, Nucom ADSL Cred disclosure, ZyXEL Cred disclosure.Thanks: Livio Ricciulli,Packet Hack, @kafeine,...
View ArticleSuricata Training Dates Announced
OISF has 2 training dates announced, and more to come! The first is in parallel with Black Hat Amsterdam 2014. Just a few weeks away. If you’re attending BH please consider attending Suricata training...
View ArticleDaily Ruleset Update Summary 09/29/2014
[***] Summary: [***]27 new Open signatures, 34 new Pro (27+7). ShellshockCampaign, Sourtoff, Job314 EK.Thanks: Markus Manzke, rmkml, @EKwatcher, @abuse_ch and @kafeine.[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 09/30/2014
[***] Summary: [***]8 new Open signatures, 14 new Pro (8+6). Dyre, CVE-2014-6271, Flashpack, Bredolap/Rebhip/Bifrose, Win32.TrojanDropper.Thanks: @EKwatcher and @kafeine.[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 10/01/2014
[***] Summary: [***]10 new Open signatures, 15 new Pro (10 + 5). Abuse.ch SSL blacklist, iOS/Xsser, Trojan/Banker.Agent.bof, Win32.Slenfbot.Thanks: Patrick Olsen, Jake Warren, James Lay, Stephane...
View ArticleDaily Ruleset Update Summary 10/02/2014
[***] Summary: [***]5 new Open rules, 15 new Pro (5 + 10). Cryptowall 2.0, VirusDoctor, revslider_show_image LFI, ComputerCop.[+++] Added rules: [+++]Open:2019337 – ET CURRENT_EVENTS Possible Upatre...
View ArticleDaily Ruleset Update Summary 10/03/2014
[***] Summary: [***]12 new Open signatures, 15 new Pro signatures (12 + 3). Dyre, Sweet Orange, AndroidOS.Koler.Thanks: @kafeine, Jake Warren.[+++] Added rules: [+++]Open:2019342 – ET CURRENT_EVENTS...
View ArticleDaily Ruleset Update Summary 10/06/2014
[***] Summary: [***]7 new Open Signatures, 12 new Pro. W32/SpyClicker, Spy.Bancos, Abuse.ch SSL blacklist.Thanks: Kevin Ross, James Lay and @abuse_ch.[+++] Added rules: [+++]Open:2019354 – ET TROJAN...
View ArticleDaily Ruleset Update Summary 10/07/2014
[***] Summary: [***]7 new Pro signatures. Win32/Rbot IRC, MailChimp Forms XSS, Win32/SoftPulse.[+++] Added rules: [+++]2808946 – ETPRO TROJAN Backdoor.Win32/Rbot IRC LOGIN (trojan.rules) 2808947 –...
View ArticleDaily Ruleset Update Summary 10/08/2014
[***] Summary: [***]13 new Open signatures, 19 new Pro (13+6): Sednit EK, Various Android, Bugzilla vulns.Thanks: ESET, Jake Warren, @rmkml, @ekse0x, @abuse_ch.[+++] Added rules: [+++]Open:2019363 – ET...
View ArticleDaily Ruleset Update Summary 10/09/2014
[***] Summary: [***]11 new Open signatures, 21 new Pro (11 + 10). Various Android, Ursnif, Twiki RCE, Neverquest.Thanks: Seth Elo, vlintelligence, John Babio, Jake Warren and @rmkml.[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 10/10/2014
[***] Summary: [***]3 new Open signatures, 6 new Pro (3 + 3). Postfix CVE-2014-6271, FlashPlayer CVE-2014-0551.Thanks: Jake Warren, bunk3m, @rmkml, @abuse_ch.[+++] Added rules: [+++]Open:2019387 – ET...
View ArticleDaily Ruleset Update Summary 10/13/2014
[***] Summary: [***]5 new Open signatures, 19 new Pro (5+14). W32/Symmi, HP Data Protector RCE, Unrecom backdoor.Thanks, Kevin Ross and @rmkml.[+++] Added rules: [+++]Open:2019390 – ET TROJAN...
View ArticleDaily Ruleset Update Summary 10/14/2014
[***] Summary: [***]5 new Open signatures, 20 new Pro (5 + 15). Sandworm, Patch Tuesday, TorrentLocker DNS Lookup.Thanks: Jake Warren[+++] Added rules: [+++]Open:2019395 – ET CURRENT_EVENTS Possible...
View ArticleDaily Ruleset Update Summary 10/15/2014
[***] Summary: [***]22 new Open signatures, 35 new Pro (22 + 13). CVE-2014-6271, POODLE, Hurricane Panda, BlackEnergy.Thanks: Fox-IT, Kevin Ross, Jake Warren, @rmkml and @abuse_ch.[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 10/16/2014
[***] Summary: [***]35 new Open signatures, 37 new Pro (35+2). CVE-2014-3704 Drupal SQLi, FrameworkPOS, Win32.GameThief.Magania.Thanks: Steven Bairstow, Jake Warren, @kafeine.[+++] Added rules:...
View ArticleDaily Ruleset Update Summary 10/17/2014
[***] Summary: [***]14 new Open signatures, 17 new Pro (14 + 3). BlackEnergy, Win32/Zemot, Spy.KeyLogger.Thanks: Jake Warren, James Lay, Kevin Ross and @abuse_ch.[+++] Added rules: [+++]Open:2019457 –...
View Article