Emerging Threats


Weekly New Signatures July 4 2009


[+++] Added rules: [+++]

2009448 - ET TROJAN Zbot/Beomok/PSW - HTTP POST (emerging-virus.rules)
2009449 - ET TROJAN Trash Family - HTTP POST (emerging-virus.rules)
2009450 - ET TROJAN Atya Dropper Possible Rootkit - HTTP GET (emerging-virus.rules)
2009451 - ET TROJAN Common Trojan HTTP GET Logging (emerging-virus.rules)
2009452 - ET TROJAN General DNS Changer Checkin (emerging-virus.rules)
2009453 - ET TROJAN BANLOAD Downloader GET Checkin (emerging-virus.rules)
2009454 - ET VIRUS Parite.B GET (emerging-virus.rules)
2009455 - ET TROJAN FAKE AV HTTP CnC Post (emerging-virus.rules)
2009456 - ET MALWARE Suspicious User Agent (ClickAdsByIE) (emerging-malware.rules)
2009457 - ET TROJAN Virut Counter/Check-in (emerging-virus.rules)
2009458 - ET TROJAN Unknown Trojan Check-in (emerging-virus.rules)
2009459 - ET WEB_SPECIFIC Orlando CMS classes init.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009460 - ET WEB_SPECIFIC Orlando CMS newscat.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009461 - ET WEB_SPECIFIC Orlando CMS init.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009462 - ET WEB_SPECIFIC Orlando CMS stage1.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009463 - ET WEB_SPECIFIC Orlando CMS stage4.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009464 - ET WEB_SPECIFIC Orlando CMS stage6.php GLOBALS Parameter Local File Inclusion (emerging-web_sql_injection.rules)
2009466 - ET WEB_SPECIFIC Recly Competitions Component add.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009467 - ET WEB_SPECIFIC Recly Competitions Component competitions.php GLOBALS Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009468 - ET WEB_SPECIFIC Recly Competitions Component settings.php mosConfig_absolute_path Parameter Remote File Inclusion (emerging-web_sql_injection.rules)
2009469 - ET WEB_ACTIVEX AOL Radio AmpX ActiveX Control ConvertFile Method Buffer Overflow (emerging-web.rules)
2009470 - ET TROJAN Generic Info Stealer - HTTP POST (emerging-virus.rules)
2009471 - ET TROJAN Bancos/Banker Info Stealer Post (emerging-virus.rules)
2009472 - ET TROJAN Fasec/FakeAV Alert/Keylogger/Dropper/DNSChanger Possible Rootkit - HTTP GET (emerging-virus.rules)
2009474 - ET TROJAN Sality - Fake Opera User-Agent (emerging-virus.rules)
2009475 - ET POLICY TeamViewer Dyngate User-Agent (emerging-policy.rules)
2009476 - ET SCAN Possible jBroFuzz Fuzzer Detected (emerging-scan.rules)
2009477 - ET SCAN SQLBrute SQL Scan Detected (emerging-scan.rules)
2009478 - ET SCAN SQLCheck Database Scan Detected (emerging-scan.rules)
2009479 - ET SCAN Asp-Audit Web Scan Detected (emerging-scan.rules)
2009480 - ET SCAN Grendel Web Scan - Default User Agent Detected (emerging-scan.rules)
2009481 - ET SCAN Grendel Web Scan Detected (emerging-scan.rules)
2009483 - ET SCAN Grabber.py Web Scan Detected (emerging-scan.rules)
2009484 - ET WEB Cpanel lastvisit.html Arbitary file disclosure (emerging-web.rules)
2009485 - ET ATTACK_RESPONSE /etc/shadow Detected in URI (emerging-attack_response.rules)
2009486 - ET MALWARE Suspicious Downloader User-Agent (Windows+NT+5.1) (emerging-malware.rules)
2009487 - ET TROJAN Downloader Possible AV KILLER- HTTP GET (emerging-virus.rules)


[///] Modified active rules: [///]

2000419 - ET POLICY PE EXE or DLL Windows file download (emerging-policy.rules)
2008373 - ET CURRENT_EVENTS ASPROX Infected Site - ngg.js Request (emerging.rules)
2008387 - ET CURRENT_EVENTS Possible ASPROX Hostile JS Being Served by a Local Webserver (/ngg.js) (emerging.rules)
2008628 - ET SCAN WSFuzzer Web Application Fuzzing (emerging-scan.rules)
2008654 - ET SCAN SQLix SQL Injection Vector Scan (emerging-scan.rules)
2009412 - ET MALWARE Generic Trojan Checkin (emerging-virus.rules)
2009442 - ET MALWARE Generic Trojan Checkin (2) (emerging-virus.rules)
2009445 - ET MALWARE Suspicious User Agent - Possibly Xema (AgavaDwnl) (emerging-malware.rules)
2009447 - ET TROJAN TSPY_BANKER.IDV/Infostealer.Bancos Module Download (emerging-virus.rules)
2402000 - ET DROP Dshield Block Listed Source (emerging-dshield.rules)
2403000 - ET DROP Dshield Block Listed Source - BLOCKING (emerging-dshield-BLOCK.rules)

 
