Daily Ruleset Update Summary 09/10/2013
[***] Summary: [***] 15 new Open rules. 40 new Pro rules (15/25). MS Tuesday: https://www.emergingthreats.net/2013/09/10/september-2013-microsoft-tuesday-coverage/ PHP Super Globals, EK’s, etc. [+++]...
Daily Ruleset Update Summary 09/11/2013
[***] Summary: [***] 6 new Open rules. 23 new Pro rules. (6/17). BHEK, FlimKit, Waledac, Vuln Java 1.7, etc. [+++] Added rules: [+++] Open: 2017451 – ET CURRENT_EVENTS FlimKit Landing Page...
Daily Ruleset Update Summary 09/13/2013
[***] Summary: [***] 7 new Open rules. 12 new Pro rules (7/5). EK’s, CAnchorElement Use-After-Free, ZeroAccess, etc. [+++] Added rules: [+++] Open: 2017457 – ET INFO SUSPICIOUS Java request to UNI.ME...
Daily Ruleset Update Summary 09/16/2013
[***] Summary: [***] 12 new Open rules. 20 new Pro rules (12/8). Cool SNET, Unknown EK’s, Hesperus, Dipverdle.A, etc. Tks to Kevin Ross, @kafeine, Eoin Miller, all. [+++] Added rules: [+++] Open:...
Daily Ruleset Update Summary 09/17/2013
[***] Summary: [***] 5 new Open rules. 16 new Pro rules. (5/11). Sweet Orange, CVE-2013-3893, Gh0st Rat, etc. [+++] Added rules: [+++] Open: 2017476 – ET CURRENT_EVENTS DRIVEBY SweetOrange – Jave...
Daily Ruleset Update Summary 09/18/2013
[***] Summary: [***] 2 new Open. 6 new Pro (2/4). BHEK updates. Styx/BHEK redirects. Popads EK sigs renamed to Magnitude EK “pop pop” because Popads is a legit ad network. Thanks Eoin,...
Daily Ruleset Update Summary 09/19/2013
[***] Summary: [***] 16 new Open rules. 19 new Pro rules (16/3). Rawin, Unknown EK, Neutrino, Cool, Possible JavaFX click2play bypass, Suri LuaJIT. Thanks to Chris Wakelin, Eoin Miller, Kevin Ross,...
Daily Ruleset Update Summary 09/20/2013
[***] Summary: [***] 8 New Open. 26 new Pro (8/18). Gh0st, Generic detection for various JS evil. etc. [+++] Added rules: [+++] Open: 2017498 – ET CURRENT_EVENTS Blatantly Evil JS Function...
ECONET.COM SIGNS OEM AGREEMENT WITH EMERGING THREATS TO INCLUDE THE ETPRO™...
LAFAYETTE, IN. – SEPTEMBER 23, 2013 – Emerging Threats, a world-leading provider of commercial and open source threat intelligence, today announced that Sentinel Intrusion Prevention Systems...
Daily Ruleset Update Summary 09/24/2013
[***] Summary: [***] 6 new rules. Suricata LuaJIT updates. https://github.com/EmergingThreats/et-luajit-scripts Styx click2play, DeputyDog callback, Metasploit CVE-2013-3205, etc. Thanks to Kevin...
Daily Ruleset Update Summary 09/25/2013
[***] Summary: [***] 14 new Open rules. 22 new Pro rules (14/8) Worm.VBS.ayr,OSX Leverage.a,DATA-BROKER,Hiloti,Caphaw,etc. Thanks to Kevin Ross, Alien Vault, all. [+++] Added rules: [+++] Open: 2017512...
Daily Ruleset Update Summary 11/07/2013
[***] Summary: [***] 9 new open rules, 12 new pro rules (9/3). Supermicro IPMI, Citadel, Mydoom, Kryptik. Thanks to @EKwatcher, @kafeine, Kevin Ross. [+++] Added rules: [+++] Pro: 2807185 – ETPRO...
Weekly Ruleset Summary 11/8/2013
Great set of new rules and updates this week! 45 Open rules, 23 Pro, for 68 total new this week. [+++] Added rules: [+++] 2017652 – ET CURRENT_EVENTS Possible Neutrino EK Landing...
Daily Ruleset Update Summary 11/08/2013
[***] Summary: [***] 8 open rules, 11 pro rules (8/3). Magnitude EK, Angler EK, Facebook Trojan, webr00t, Zbot. Thanks to @kafeine @EKwatcher @MalwareMustDie. [+++] Added rules: [+++] Pro: 2807188 –...
Daily Ruleset Update Summary 11/10/2013
[***] Summary: [***] 1 new rule related to the IE 0-day/Deputy Dog activity discovered by FireEye. This is only for the C2 activity. We will try to provide signatures for the IE bug when details become...
Daily Ruleset Update Summary 11/11/2013
[***] Summary: [***] 1 new open rule, 3 new pro rules (1/2). Angler EK, IE 0day. [+++] Added rules: [+++] Pro: 2807191 – ETPRO WEB_CLIENT Possible IE 0day CVE-2013-3918 1 (web_client.rules) 2807192 –...
November 2013 Microsoft Tuesday Coverage
Bulletin CVE Title Notes ET Pro Coverage MS13-088 2013-3871 Internet Explorer Memory Corruption Vulnerability Exploit Code Likely 2807201-2807204 MS13-088 2013-3908 Internet Explorer Information...
Daily Ruleset Update Summary 11/12/2013
[***] Summary: [***] 6 open rules, 27 pro rules (6/21). Patch Tuesday, Netsky, Sweet Orange. IE 0day signatures are now a part of the open set. More patch Tuesday coverage information is here:...
Daily Ruleset Update Summary 11/13/2013
[***] Summary: [***] 5 new open rules, 11 pro rules (5/6). Orbit, Pigsearch, Taidor, Angler EK. Luajit JIT scripts updated to detect CVE-2013-0074 as seen in Angler. Thanks to: Nathan Fowler,...
Daily Ruleset Update Summary 11/14/2013
[***] Summary: [***] 7 open rules, 18 pro rules (7/11). BlackRev, Bancos, Athena. Thanks to Kevin Ross and Travis Green. [+++] Added rules: [+++] Pro: 2807220 – ETPRO MALWARE AdWare.Win32.HelpExpress...