
Thread: Bleeding Edge Threats Daily Signature Changes




2007-11-01 15:00:13
[***] Results from Oinkmaster started Thu Nov  1 20:00:13 2007 [***]

[+++]          Added rules:          [+++]

 2007649 - BLEEDING-EDGE MALWARE Spylog.ru Related Spyware Checkin (bleeding-malware.rules)
 2007650 - BLEEDING-EDGE CURRENT_EVENTS Mac Trojan HTTP Checkin (accept-language violation) (bleeding.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (2):
        #from sandnet data
        #by matt jonkman

     -> Added to bleeding-sid-msg.map (30):
        2007649 || BLEEDING-EDGE MALWARE Spylog.ru Related Spyware Checkin
        2007650 || BLEEDING-EDGE CURRENT_EVENTS Mac Trojan HTTP Checkin (accept-language violation)
        2500332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2500345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510332 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (333) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510333 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (334) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510334 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (335) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510335 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (336) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510336 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (337) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510337 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (338) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510338 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (339) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510339 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (340) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510340 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (341) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510341 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (342) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510342 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (343) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510343 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (344) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510344 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (345) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts
        2510345 || BLEEDING-EDGE COMPROMISED Known Compromised or Hostile Host Traffic - BLOCKING (346) || url,doc.bleedingthreats.net/bin/view/Main/CompromisedHosts

     -> Added to bleeding.rules (3):
        #needs a better name
        #info from Bojan at ISC and Russell Fulton
        # sig by Russell and Matt Jonkman

_______________________________________________
Bleeding-sigs mailing list
Bleeding-sigsbleedingthreats.net
http://lists.bleedingthreats.net/cgi-bin/mailman/listinfo/bleeding-sigs
