[***] Results from Oinkmaster started Tue Oct 9 00:00:14
2007 [***]
[+++] Added rules: [+++]
2007627 - BLEEDING-EDGE POLICY Hyves Login Attempt
(bleeding-policy.rules)
2007628 - BLEEDING-EDGE POLICY Hyves Inbox Access
(bleeding-policy.rules)
2007629 - BLEEDING-EDGE POLICY Hyves Message Access
(bleeding-policy.rules)
2007630 - BLEEDING-EDGE POLICY Hyves Compose Message
(bleeding-policy.rules)
2007631 - BLEEDING-EDGE POLICY Hyves Message Submit
(bleeding-policy.rules)
[///] Modified active rules: [///]
2003649 - BLEEDING-EDGE TROJAN Hupinon User Agent Detected
(SykO) (bleeding-virus.rules)
2003932 - BLEEDING-EDGE TROJAN Hupinon User Agent Detected
(IE_7.0) (bleeding-virus.rules)
2007592 - BLEEDING-EDGE TROJAN Hupinon URL Infection
Checkin Detected (bleeding-virus.rules)
[+++] Added non-rule lines: [+++]
-> Added to bleeding-policy.rules (3):
#Dutch myspace style social networking site. Not a
security threat, just a generally not permissable thing for
the workplace
# by Cees Elzinga
# Both hyves.nl and hyves.net are used, so check for
"hyves."
-> Added to bleeding-sid-msg.map (32):
2003649 || BLEEDING-EDGE TROJAN Hupinon User Agent
Detected (SykO)
2003932 || BLEEDING-EDGE TROJAN Hupinon User Agent
Detected (IE_7.0)
2007592 || BLEEDING-EDGE TROJAN Hupinon URL
Infection Checkin Detected
2007627 || BLEEDING-EDGE POLICY Hyves Login Attempt
2007628 || BLEEDING-EDGE POLICY Hyves Inbox Access
2007629 || BLEEDING-EDGE POLICY Hyves Message
Access
2007630 || BLEEDING-EDGE POLICY Hyves Compose
Message
2007631 || BLEEDING-EDGE POLICY Hyves Message
Submit
2500602 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (603) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500603 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (604) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500604 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (605) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500605 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (606) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500606 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (607) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500607 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (608) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500608 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (609) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500609 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (610) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500610 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (611) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500611 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (612) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500612 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (613) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2500613 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic (614) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510602 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (603) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510603 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (604) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510604 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (605) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510605 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (606) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510606 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (607) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510607 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (608) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510608 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (609) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510609 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (610) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510610 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (611) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510611 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (612) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510612 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (613) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
2510613 || BLEEDING-EDGE COMPROMISED Known
Compromised or Hostile Host Traffic - BLOCKING (614) ||
url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
[---] Removed non-rule lines: [---]
-> Removed from bleeding-sid-msg.map (3):
2003649 || BLEEDING-EDGE TROJAN Hupingon User Agent
Detected (SykO)
2003932 || BLEEDING-EDGE TROJAN Hupingon User Agent
Detected (IE_7.0)
2007592 || BLEEDING-EDGE TROJAN Hupingon URL
Infection Checkin Detected
_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigs bleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/
mailman/listinfo/bleeding-sigs
|
