Live Chat Software by Kayako
BUSCAR
Notícias
Aug
25
ProApps Security IDS Rules Changelog 2016-08-24
Postado por Rafael Honorato on 25/Aug 09:16

[***] Summary 2016-08-24 [***]

Total added rules: 140
Total modified rules: 350
Total removed rules: 41

 

[***] ProApps Security IDS Rules Changelog started Tue Aug 23 18:55:59 2016 [***]

[+++] Added rules: 25 [+++]

2023084 - ProApps TROJAN Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5) (trojan.rules)
2821797 - ProApps TROJAN Bitcoin Miner Known Malicious Basic Auth (bXVyYXRzYXlpbi4xOjE=) (trojan.rules)
2821798 - ProApps CURRENT_EVENTS Possible Phishing Data Submitted to yolasite.com M2 (current_events.rules)
2821799 - ProApps CURRENT_EVENTS Successful Blocked Email Account Phish M1 Aug 23 2016 (current_events.rules)
2821800 - ProApps CURRENT_EVENTS Blocked Email Account Phishing Landing Aug 23 2016 (current_events.rules)
2821801 - ProApps CURRENT_EVENTS Successful Blocked Email Account Phish M2 Aug 23 2016 (current_events.rules)
2821802 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821803 - ProApps TROJAN Possible Vawtrak Injects SSL Cert (trojan.rules)
2821804 - ProApps MALWARE MSIL/Adware.Dotdo.Q Initial Checkin (malware.rules)
2821805 - ProApps TROJAN Win32/AbStealer Checkin (trojan.rules)
2821806 - ProApps TROJAN PoisonIvy Keepalive to CnC 479 (trojan.rules)
2821807 - ProApps TROJAN PoisonIvy Keepalive to CnC 480 (trojan.rules)
2821808 - ProApps TROJAN Malicious SSL certificate detected (Dreambot/Gozi CnC) (trojan.rules)
2821809 - ProApps TROJAN Terdot.A/Zloader Malicious SSL Cert Observed (trojan.rules)
2821810 - ProApps TROJAN Win32/Banload Variant Checkin (trojan.rules)
2821811 - ProApps TROJAN Win32/Banload Variant Connectivity Check (trojan.rules)
2821812 - ProApps TROJAN NanoCore RAT CnC 13 (trojan.rules)
2821813 - ProApps TROJAN NanoCore RAT CnC 14 (trojan.rules)
2821814 - ProApps TROJAN W32/Banload.XMY Variant Checkin (trojan.rules)
2821815 - ProApps CURRENT_EVENTS Targeted Office 365 Phishing Landing Aug 23 2016 (current_events.rules)
2821816 - ProApps CURRENT_EVENTS Successful Targeted Office365 Phish Aud 23 2016 (current_events.rules)
2821817 - ProApps TROJAN Ransomware CTB-Locker .onion Proxy Domain (trojan.rules)
2821818 - ProApps TROJAN Ransomware CTB-Locker or similar Checkin (trojan.rules)
2821819 - ProApps TROJAN Ransomware CTB-Locker or similar CnC beacon (trojan.rules)
2821820 - ProApps TROJAN MSIL/njRAT/Bladabindi Variant (Revenge RAT) Inbound Keepalive (trojan.rules)


[+++] Modify rules: 53 [+++]

2022520 - ProApps POLICY Possible HTA Application Download (policy.rules)
2023017 - ProApps TELNET SUSPICIOUS busybox shell (telnet.rules)
2023018 - ProApps TELNET SUSPICIOUS busybox enable (telnet.rules)
2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules)
2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
2405007 - ProApps CNC Shadowserver Reported CnC Server Port 2016 Group 1 (botcc.portgrouped.rules)
2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules)
2405015 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules)
2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
2405036 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
2405039 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2405042 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405043 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405044 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
2405045 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405046 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
2405047 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2808469 - ProApps TROJAN VanToM RAT Checkin 2 (trojan.rules)


[+++] Removed rules: 4 [+++]

2405048 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405049 - ProApps CNC Shadowserver Reported CnC Server Port 16667 Group 1 (botcc.portgrouped.rules)
2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)


[***] ProApps Security IDS Rules Changelog started Mon Aug 22 17:51:47 2016 [***]

[+++] Added rules: 27 [+++]

2023083 - ProApps TROJAN Alfa/Alpha Ransomware Checkin (trojan.rules)
2405048 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405049 - ProApps CNC Shadowserver Reported CnC Server Port 16667 Group 1 (botcc.portgrouped.rules)
2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2821774 - ProApps TROJAN Alma Locker CnC Beacon (trojan.rules)
2821775 - ProApps CURRENT_EVENTS Possible Successful Citibank Phish M1 Aug 22 2016 (current_events.rules)
2821776 - ProApps CURRENT_EVENTS Possible Successful Citibank Phish M2 Aug 22 2016 (current_events.rules)
2821777 - ProApps TROJAN PoisonIvy Keepalive to CnC 476 (trojan.rules)
2821778 - ProApps TROJAN PoisonIvy Keepalive to CnC 477 (trojan.rules)
2821779 - ProApps TROJAN PoisonIvy Keepalive to CnC 478 (trojan.rules)
2821780 - ProApps TROJAN Ransomware Alma Locker .onion Proxy Domain (trojan.rules)
2821781 - ProApps TROJAN Cerber .onion Proxy Domain (trojan.rules)
2821782 - ProApps TROJAN Sefnit .onion Proxy Domain (trojan.rules)
2821783 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821784 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821785 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821786 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821787 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821788 - ProApps TROJAN Ransomware Domain Detected (TorrentLocker C2) (trojan.rules)
2821789 - ProApps TROJAN MSIL/Bladabindi/njRat Variant CnC Checkin (trojan.rules)
2821790 - ProApps CURRENT_EVENTS Successful BMO Phish M1 Aug 22 2016 (current_events.rules)
2821791 - ProApps CURRENT_EVENTS Successful BMO Phish M2 Aug 22 2016 (current_events.rules)
2821792 - ProApps TROJAN Win32/Maptrepol.A SSL Certificate Detected (trojan.rules)
2821793 - ProApps TROJAN NanoCore RAT CnC 11 (trojan.rules)
2821794 - ProApps TROJAN NanoCore RAT CnC 12 (trojan.rules)
2821795 - ProApps MOBILE_MALWARE Android Unknown Trojan Checkin (mobile_malware.rules)


[+++] Modify rules: 98 [+++]

2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules)
2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules)
2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules)
2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules)
2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules)
2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules)
2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules)
2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules)
2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules)
2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules)
2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules)
2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules)
2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules)
2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules)
2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules)
2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules)
2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules)
2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules)
2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules)
2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules)
2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules)
2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules)
2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules)
2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules)
2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules)
2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules)
2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules)
2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules)
2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules)
2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules)
2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules)
2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules)
2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules)
2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules)
2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1090 Group 1 (botcc.portgrouped.rules)
2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1987 Group 1 (botcc.portgrouped.rules)
2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules)
2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules)
2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7777 Group 1 (botcc.portgrouped.rules)
2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2405044 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405045 - ProApps CNC Shadowserver Reported CnC Server Port 9095 Group 1 (botcc.portgrouped.rules)
2405046 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405047 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
2812325 - ProApps CURRENT_EVENTS Possible Successful AirCanada Phish Aug 5 M1 (current_events.rules)
2815793 - ProApps MOBILE_MALWARE Android.Trojan.HiddenApp.EN Checkin 2 (mobile_malware.rules)
2821691 - ProApps TROJAN ZeusPOS Payload M1 (trojan.rules)
2821692 - ProApps TROJAN ZeusPOS Payload M2 (trojan.rules)


[+++] Removed rules: 5 [+++]

2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)


[***] ProApps Security IDS Rules Changelog started Fri Aug 19 17:46:59 2016 [***]

[+++] Added rules: 29 [+++]

2023081 - ProApps TROJAN Curso Banker.BR Checkin (trojan.rules)
2023082 - ProApps TROJAN Curso Banker Downloading Modules (trojan.rules)
2405042 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405043 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405044 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
2405045 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405046 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
2405047 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2821753 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Aug 16 2016 (current_events.rules)
2821754 - ProApps INFO DYNAMIC_DNS Query to a Suspicious now-ip Domain (info.rules)
2821755 - ProApps WEB_CLIENT Possible nProtect Netizen ActiveX Drive-By (web_client.rules)
2821756 - ProApps CURRENT_EVENTS Successful Google Drive Phish M1 Aug 19 2016 (current_events.rules)
2821757 - ProApps CURRENT_EVENTS Successful Google Drive Phish M2 Aug 19 2016 (current_events.rules)
2821758 - ProApps CURRENT_EVENTS Successful Mailbox Renewal Phish Aug 19 2016 (current_events.rules)
2821759 - ProApps CURRENT_EVENTS Successful Payza Phish Aug 19 2016 (current_events.rules)
2821760 - ProApps CURRENT_EVENTS Successful Excel Phish Aug 19 2016 (current_events.rules)
2821761 - ProApps CURRENT_EVENTS Successful Adobe Shared Document Phish Aug 19 2016 (current_events.rules)
2821762 - ProApps CURRENT_EVENTS Successful Mailbox Deactivation Phish Aug 19 2016 (current_events.rules)
2821763 - ProApps CURRENT_EVENTS Successful Latitude Financial Phish M1 Aug 19 2016 (current_events.rules)
2821764 - ProApps CURRENT_EVENTS Successful Latitude Financial Phish M2 Aug 19 2016 (current_events.rules)
2821765 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Aug 19 2016 (current_events.rules)
2821766 - ProApps TROJAN Ransomware/Cerber Onion Domain Lookup (trojan.rules)
2821767 - ProApps TROJAN W32/Joinme Dropper EXE DL (trojan.rules)
2821768 - ProApps TROJAN W32/Joinme Stealer Checkin (trojan.rules)
2821769 - ProApps CURRENT_EVENTS Adobe Shared Document Phishing Landing Aug 19 2016 (current_events.rules)
2821770 - ProApps CURRENT_EVENTS Successful Universal Webmail Phish Aug 19 2016 (current_events.rules)
2821771 - ProApps CURRENT_EVENTS Universal Webmail Phishing Landing Aug 19 2016 (current_events.rules)
2821772 - ProApps CURRENT_EVENTS Successful Blockchain Account Phish Aug 19 2016 (current_events.rules)
2821773 - ProApps CURRENT_EVENTS Successful Tata Communications Phish Aug 19 2016 (current_events.rules)


[+++] Modify rules: 62 [+++]

2022898 - ProApps CURRENT_EVENTS Evil Redirector Leading to EK Jun 14 2016 (current_events.rules)
2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
2405004 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules)
2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1587 Group 1 (botcc.portgrouped.rules)
2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2009 Group 1 (botcc.portgrouped.rules)
2405009 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
2405011 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules)
2405016 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules)
2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
2405037 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2816102 - ProApps CURRENT_EVENTS Possible Successful Generic Phish Feb 8 (current_events.rules)


[+++] Removed rules: 8 [+++]

2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
2820176 - ProApps TROJAN Unknown Banker.BR Checkin (trojan.rules)


[***] ProApps Security IDS Rules Changelog started Thu Aug 18 17:58:29 2016 [***]

[+++] Added rules: 32 [+++]

2023076 - ProApps TROJAN Aveo Checkin (trojan.rules)
2023077 - ProApps TROJAN Aveo C2 Response (trojan.rules)
2023078 - ProApps TROJAN Aveo C2 Request (trojan.rules)
2023079 - ProApps CURRENT_EVENTS Fake Mobile Virus Scam M1 Aug 18 2016 (current_events.rules)
2023080 - ProApps CURRENT_EVENTS Fake Mobile Virus Scam M2 Aug 18 2016 (current_events.rules)
2405038 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405039 - ProApps CNC Shadowserver Reported CnC Server Port 16667 Group 1 (botcc.portgrouped.rules)
2405040 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2405041 - ProApps CNC Shadowserver Reported CnC Server Port 42086 Group 1 (botcc.portgrouped.rules)
2821728 - ProApps TROJAN Wrimcom CnC Beacon (trojan.rules)
2821729 - ProApps TROJAN Wrimcom Fake User-Agent (trojan.rules)
2821731 - ProApps CURRENT_EVENTS MalDoc Request for Payload Aug 17 2016 (current_events.rules)
2821732 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.z Checkin (mobile_malware.rules)
2821733 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar.z Checkin 2 (mobile_malware.rules)
2821734 - ProApps TROJAN Cromwi HTTP CnC Beacon 2 (trojan.rules)
2821735 - ProApps TROJAN Cromwi Fake User-Agent (trojan.rules)
2821736 - ProApps TROJAN Cromwi HTTP CnC Beacon (trojan.rules)
2821737 - ProApps TROJAN Babylon RAT C2 Client Request (trojan.rules)
2821738 - ProApps TROJAN Babylon RAT C2 Server Response (trojan.rules)
2821739 - ProApps TROJAN Zeus Variant Checkin (trojan.rules)
2821740 - ProApps TROJAN APT28 XAgent SSL Cert (trojan.rules)
2821741 - ProApps TROJAN Win32.KeyLogger.dyiuae Checkin (trojan.rules)
2821742 - ProApps TROJAN PoisonIvy Keepalive to CnC 475 (trojan.rules)
2821743 - ProApps CURRENT_EVENTS Successful Comcast Phish Aug 18 2016 (current_events.rules)
2821744 - ProApps CURRENT_EVENTS Successful Gmail Phish Aug 18 2016 (current_events.rules)
2821745 - ProApps CURRENT_EVENTS Successful Google Drive Phish Aug 18 2016 (current_events.rules)
2821746 - ProApps CURRENT_EVENTS Possible Successful Phish via Wix.com M1 Aug 18 2016 (current_events.rules)
2821747 - ProApps CURRENT_EVENTS Successful Phish via Wix.com M2 Aug 18 2016 (current_events.rules)
2821749 - ProApps INFO HTTP 522 Returned to Client Possible Broken Malware Checkin (info.rules)
2821750 - ProApps TROJAN Win32/Adware.FileTour.BPL Checkin (trojan.rules)
2821751 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.er SMS Exfil (mobile_malware.rules)
2821752 - ProApps TROJAN W32/Banload.XMY Variant Checkin (trojan.rules)


[+++] Modify rules: 63 [+++]

2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
2405000 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
2405001 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
2405002 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
2405003 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
2405004 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
2405005 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
2405006 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
2405008 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
2405009 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules)
2405011 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules)
2405012 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
2405013 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
2405014 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6677 Group 1 (botcc.portgrouped.rules)
2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
2405029 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
2405030 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405031 - ProApps CNC Shadowserver Reported CnC Server Port 7777 Group 1 (botcc.portgrouped.rules)
2405032 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405033 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
2405034 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2405035 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405036 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405037 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)


[+++] Removed rules: 6 [+++]

2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)


[***] ProApps Security IDS Rules Changelog started Wed Aug 17 17:06:48 2016 [***]

[+++] Added rules: 27 [+++]

2023070 - ProApps EXPLOIT Equation Group ExtraBacon Cisco ASA PMCHECK Disable (exploit.rules)
2023071 - ProApps EXPLOIT Equation Group ExtraBacon Cisco ASA AAAADMINAUTH Disable (exploit.rules)
2023072 - ProApps CURRENT_EVENTS Successful Netflix Phish Aug 17 2016 (current_events.rules)
2023073 - ProApps CURRENT_EVENTS Netflix Phishing Landing Aug 17 2016 (current_events.rules)
2023074 - ProApps CURRENT_EVENTS Evil Redirect Leading to EK Aug 17 2016 (current_events.rules)
2023075 - ProApps EXPLOIT Equation Group EGREGIOUSBLUNDER Fortigate Exploit Attempt (exploit.rules)
2821706 - ProApps CURRENT_EVENTS Docusign Phishing Landing Aug 17 2016 (current_events.rules)
2821707 - ProApps CURRENT_EVENTS Successful Docusign/Outlook Phish Aug 17 2016 (current_events.rules)
2821708 - ProApps CURRENT_EVENTS Successful Docusign Phish M2 Aug 17 2016 (current_events.rules)
2821709 - ProApps CURRENT_EVENTS Successful Docusign Phish M1 Aug 17 2016 (current_events.rules)
2821710 - ProApps EXPLOIT Smartthings Bundled Camera Command Injection Attempt 1 (exploit.rules)
2821711 - ProApps EXPLOIT Smartthings Bundled Camera Command Injection Attempt 2 (exploit.rules)
2821712 - ProApps TROJAN LatentBot HTTP POST Checkin (trojan.rules)
2821714 - ProApps TROJAN PoisonIvy Keepalive to CnC (youtube.swf actor) 1 (trojan.rules)
2821715 - ProApps TROJAN PoisonIvy Keepalive to CnC (youtube.swf actor) 2 (trojan.rules)
2821716 - ProApps TROJAN PoisonIvy Keepalive to CnC (youtube.swf actor) 3 (trojan.rules)
2821717 - ProApps TROJAN PoisonIvy Keepalive to CnC (youtube.swf actor) 4 (trojan.rules)
2821718 - ProApps TROJAN PoisonIvy Keepalive to CnC (youtube.swf actor) 5 (trojan.rules)
2821719 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l SSL CnC Cert 2 (mobile_malware.rules)
2821720 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l SSL CnC Cert 3 (mobile_malware.rules)
2821721 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 8 (mobile_malware.rules)
2821722 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher.l DNS Lookup 9 (mobile_malware.rules)
2821723 - ProApps TROJAN Possible MWI Stage 2 Beacon (trojan.rules)
2821724 - ProApps CURRENT_EVENTS Evil Redirector to EK - Observed Malicious SSL Cert (current_events.rules)
2821725 - ProApps TROJAN Win32/Agent.WTE HTTP CnC Beacon (trojan.rules)
2821726 - ProApps TROJAN Cromwi CnC Beacon (trojan.rules)
2821727 - ProApps TROJAN Cromwi CnC Beacon Response (trojan.rules)


[+++] Modify rules: 74 [+++]

2021763 - ProApps CURRENT_EVENTS SUSPICIOUS Grey Advertising Often Leading to EK (current_events.rules)
2023066 - ProApps CURRENT_EVENTS Possible Bank of America Phishing Domain Aug 15 2016 (current_events.rules)
2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
2405000 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
2405001 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
2405002 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
2405003 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
2405004 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
2405005 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
2405006 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
2405007 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
2405008 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
2405009 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
2405010 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4466 Group 1 (botcc.portgrouped.rules)
2405012 - ProApps CNC Shadowserver Reported CnC Server Port 5050 Group 1 (botcc.portgrouped.rules)
2405013 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
2405014 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
2405015 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
2405016 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
2405017 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6677 Group 1 (botcc.portgrouped.rules)
2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
2405027 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
2405028 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405029 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405030 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
2405031 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2405032 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405033 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405034 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
2405035 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405036 - ProApps CNC Shadowserver Reported CnC Server Port 21321 Group 1 (botcc.portgrouped.rules)
2405037 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
2812169 - ProApps CURRENT_EVENTS Phishing Fake Document Loading Error (current_events.rules)
2812884 - ProApps CURRENT_EVENTS Successful Google Drive Phish Sept 3 (current_events.rules)
2814770 - ProApps CURRENT_EVENTS Successful Gmail Phish Nov 5 (current_events.rules)


[+++] Removed rules: 18 [+++]

2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules)
2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules)
2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules)
2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules)
2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules)
2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules)
2405038 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
2405039 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
2405040 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
2405041 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
2405042 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
2405043 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
2405044 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
2405045 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
2405046 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
2405047 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
2405048 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
Comentários (0)
Postar um novo comentário
 
 
Nome completo:
Email:
Comentários:
Help Desk Software by Kayako suporte.freebsdbrasil.com.br:443/index.php?