Emerging Threats

  • Increase font size
  • Default font size
  • Decrease font size
Emerging Threats

Weekly New Signatures October 10, 2009

Monday, 12 October 2009 08:12 Matt Jonkman
E-mail Print PDF

[+++] Added rules: [+++]

2009154 - ET USER_AGENTS Automated Injection Tool User-Agent (AutoGetColumn) (emerging-user_agents.rules)
2010035 - ET WEB_CLIENT ACTIVEX Possible EMC Captiva PixTools Distributed Imaging ActiveX Control Vulnerable WriteToLog Method Arbitrary File Creation/Overwrite Attempt (emerging-web_client.rules)
2010036 - ET WEB_CLIENT ACTIVEX Possible EMC Captiva PixTools Distributed Imaging ActiveX Control Vulnerable SetLogLevel/SetLogFileName Method Arbitrary File Creation/Overwrite Attempt (emerging-web_client.rules)
2010037 - ET WEB_SERVER Possible SQL Injection INTO OUTFILE Arbitrary File Write Attempt (emerging-web_server.rules)
2010038 - ET WEB_SERVER Possible INTO OUTFILE Arbitrary File Write SQL Injection In Cookie (emerging-web_server.rules)
2010039 - ET WEB_ACTIVEX Possible AOL SuperBuddy ActiveX Control Remote Code Execution Attempt (emerging-web_client.rules)
2010040 - ET WEB_SPECIFIC_APPS Joomla! CB Resume Builder 'group_id' Parameter SELECT FROM SQL Injection (emerging-web_specific_apps.rules)
2010041 - ET WEB_SPECIFIC_APPS Joomla! CB Resume Builder 'group_id' Parameter DELETE FROM SQL Injection (emerging-web_specific_apps.rules)
2010042 - ET WEB_SPECIFIC_APPS Joomla! CB Resume Builder 'group_id' Parameter UNION SELECT SQL Injection (emerging-web_specific_apps.rules)
2010043 - ET WEB_SPECIFIC_APPS Joomla! CB Resume Builder 'group_id' Parameter INSERT INTO SQL Injection (emerging-web_specific_apps.rules)
2010044 - WEB_SPECIFIC_APPS Joomla! CB Resume Builder 'group_id' Parameter UPDATE SET SQL Injection (emerging-web_specific_apps.rules)
2010045 - ET WEB_SPECIFIC_APPS Joomla! Soundset Component 'cat_id' Parameter SELECT FROM SQL Injection (emerging-web_specific_apps.rules)
2010046 - ET WEB_SPECIFIC_APPS Joomla! Soundset Component 'cat_id' Parameter DELETE FROM SQL Injection (emerging-web_specific_apps.rules)
2010047 - ET WEB_SPECIFIC_APPS Joomla! Soundset Component 'cat_id' Parameter UNION SELECT SQL Injection (emerging-web_specific_apps.rules)
2010048 - ET WEB_SPECIFIC_APPS Joomla! Soundset Component 'cat_id' Parameter INSERT INTO SQL Injection (emerging-web_specific_apps.rules)
2010049 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - installer_1.exe (emerging-current_events.rules)
2010050 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - Antivirus_21.exe (emerging-current_events.rules)
2010051 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - ws.exe (emerging-current_events.rules)
2010052 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - ws.zip (emerging-current_events.rules)
2010053 - ET CURRENT_EVENTS TROJAN Likely FakeRean Download (emerging-current_events.rules)
2010054 - ET CURRENT_EVENTS TROJAN Likely TDSS Download (codex.exe) (emerging-current_events.rules)
2010055 - ET CURRENT_EVENTS TROJAN Likely TDSS Download (pcdef.exe) (emerging-current_events.rules)
2010056 - ET CURRENT_EVENTS TROJAN Likely TDSS Download (197.exe) (emerging-current_events.rules)
2010057 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - installpv.exe (emerging-current_events.rules)
2010058 - ET CURRENT_EVENTS MALWARE Likely Unknown Trojan Download (emerging-current_events.rules)
2010059 - ET CURRENT_EVENTS TROJAN Likely Unknown Trojan Infostealer Download (emerging-current_events.rules)
2010060 - ET CURRENT_EVENTS TROJAN Likely Possible Rogue A/V Win32/FakeXPA Download (emerging-current_events.rules)
2010061 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - InternetAntivirusPro.exe (emerging-current_events.rules)
2010062 - ET CURRENT_EVENTS MALWARE Likely Rogue Antivirus Download - AntivirusPlus.exe (emerging-current_events.rules)
2010063 - ET WEB_CLIENT Possible Google Apps 'googleapps.url.mailto' Handler IE Command Injection Attempt (emerging-web_client.rules)
2010064 - ET MALWARE Buzus Posting Data (emerging-virus.rules)
2010065 - ET TROJAN SafeFighter Fake Scanner Installation in Progress (emerging-virus.rules)
2010066 - ET TROJAN Data POST to an image file (gif) (emerging-virus.rules)
2010067 - ET TROJAN Data POST to an image file (jpg) (emerging-virus.rules)
2010068 - ET TROJAN Data POST to an image file (jpeg) (emerging-virus.rules)
2010069 - ET TROJAN Data POST to an image file (bmp) (emerging-virus.rules)
2010070 - ET TROJAN Data POST to an image file (png) (emerging-virus.rules)
2010071 - ET TROJAN Bredolab Infection - checkin (emerging-virus.rules)
2010072 - ET TROJAN Bredolab Infection - Windows Key (emerging-virus.rules)

 
More Articles...
  • «
  •  Start 
  •  Prev 
  •  1 
  •  2 
  •  3 
  •  4 
  •  5 
  •  6 
  •  7 
  •  8 
  •  9 
  •  10 
  •  Next 
  •  End 
  • »
Page 1 of 38

Contribute to ET! Try SIDReporter

SIDReporter is ready for Prime Time! Try it out and contribute anonymous statistics about the rulesets, get in depth analysis of your events vs global trends, and help make the ET Rulesets better!

Statistics now online!

http://www.emergingthreats.net/index.php/sidreporter-statistics.html

Code here!

http://doc.emergingthreats.net/bin/view/Main/SidReporter