sigs/CURRENT_EVENTS/

Individual rules are under Sigs, rulesets under Rules.

Current directory: [Emerging Threats] / sigs / CURRENT_EVENTS

File		Rev.	Age	Author	Last log entry
Parent Directory
Attic/ [show]
CURRENT_Activation_Key_Trojan		1.3	4 months	fknobbe	SID 2008539 2008552 2008554 2008555 2008773 2008774 2008775: Missed unescaped co...
CURRENT_Adobe		1.2	4 months	fknobbe	SIDs 2009112 2009113: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Airmail_Express		1.4	4 months	fknobbe	SID 2008539 2008552 2008554 2008555 2008773 2008774 2008775: Missed unescaped co...
CURRENT_Asprox		1.9	2 weeks	jonkman	: past its useful life, getting false positives now
CURRENT_Conficker		1.19	2 months	jonkman	2009205 2009206 2009207 2009208: Use the preproc or so rules in favor of those j...
CURRENT_DNS_Poisoning		1.22	3 months	jonkman	2001709 2001899 2001900 2001993 2002043 2002312 2002845 2002848 2002852 2003182 ...
CURRENT_DNS_dot		1.3	4 months	jonkman	2009030: up'd the threshold
CURRENT_Danmec		1.3	4 months	fknobbe	SIDs 2008530: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Ecards		1.2	4 months	fknobbe	SIDs 2008528: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Email_Worms		1.4	4 months	fknobbe	SID 2008539 2008552 2008554 2008555 2008773 2008774 2008775: Missed unescaped co...
CURRENT_Facebook		1.3	3 months	fknobbe	SIDs 2001621 2001810 2001621 2001751 2001810 2002129 2002130 2002131 2002132 200...
CURRENT_Fake_MS_Update		1.5	4 months	fknobbe	SIDs 2008646: Fixed escaped semicolons...(sigh)
CURRENT_Flash		1.4	4 months	fknobbe	SIDs 2008845: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Fordo		1.4	4 months	fknobbe	SID 2008539 2008552 2008554 2008555 2008773 2008774 2008775: Missed unescaped co...
CURRENT_Gamersrb.com		1.5	4 months	fknobbe	SID 2009105: Typo fix. (Removed :)
CURRENT_Ghostnet		1.6	3 months	fknobbe	SIDs 2009202: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Holmes		1.2	4 months	fknobbe	SIDs 2008394: Scripted addition of Wiki and/or CVSweb references.
CURRENT_IE_0Day		1.5	4 months	fknobbe	SIDs 2008876 2008877: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Iamleet.be		1.2	4 months	fknobbe	SIDs 2008286: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Kernelbot		1.6	4 months	fknobbe	SIDs 2008737 2008738 2008739: Scripted addition of Wiki and/or CVSweb references...
CURRENT_MS08-067		1.2	4 months	fknobbe	SIDs 2008799: Scripted addition of Wiki and/or CVSweb references.
CURRENT_MSSQL		1.2	4 months	fknobbe	SIDs 2008909 2008910: Scripted addition of Wiki and/or CVSweb references.
CURRENT_MS_Snapshot		1.2	4 months	fknobbe	SIDs 2008407 2008408 2008409: Scripted addition of Wiki and/or CVSweb references...
CURRENT_Mac_DNSChanger		1.6	4 months	fknobbe	SIDs 2008796: Fixed escaped semicolons.
CURRENT_Mass_File_Injections		1.3	4 months	fknobbe	SIDs 2008206 2008207: Scripted addition of Wiki and/or CVSweb references.
CURRENT_PDF_Malware		1.4	4 months	fknobbe	SID 2008359 2008741: Missed unescaped colons.
CURRENT_Possible_Malicious_PDF		1.3	4 months	fknobbe	SID 2009076: Missed unescaped colons.
CURRENT_Psybot		1.3	3 months	fknobbe	SIDs 2009170 2009171 2009172: Scripted addition of Wiki and/or CVSweb references...
CURRENT_Roundcube		1.10	3 months	jonkman	2008960: new
CURRENT_Rusibank.com		1.4	4 months	fknobbe	SIDs 2009092: Scripted addition of Wiki and/or CVSweb references.
CURRENT_SQL_Injections		1.15	3 days	jonkman	2008373: tweak
CURRENT_Storm		1.30	4 months	fknobbe	SIDs 2008193: Doh, missed one.
CURRENT_Test_Suspicious_DL		1.4	4 months	fknobbe	SIDs 2008014: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Tigger		1.6	4 months	jonkman	updated to suit proxies too, thanks dxp
CURRENT_Toata_UA		1.3	3 months	fknobbe	SIDs 2009159: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Trojan_PWS_Onlinegamestealer		1.2	4 months	fknobbe	SIDs 2008948: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Unknown_trojan		1.14	3 months	fknobbe	SIDs 2001621 2001810 2001621 2001751 2001810 2002129 2002130 2002131 2002132 200...
CURRENT_Unknown_trojan3		1.4	4 months	fknobbe	SIDs 2008779 2008780: Scripted addition of Wiki and/or CVSweb references.
CURRENT_Worldpay		1.3	7 weeks	fknobbe	SIDs 2009348: Scripted addition of Wiki and/or CVSweb references.
CURRENT_santa-inbox.com		1.2	4 months	fknobbe	SIDs 2008531: Scripted addition of Wiki and/or CVSweb references.