Live Chat Software by Kayako
News
Jan
19
ProApps Security IDS Rules Changelog 2017-01-19
Posted by Rafael Honorato on 19/Jan 09:29
[***]  Summary  2017-01-19  [***]

 Total added rules: 141
 Total modified rules: 697
 Total removed rules: 15



[***] ProApps Security IDS Rules Changelog started Wed Jan 18 18:50:15 2017 [***]

[+++]          Added rules:  40        [+++]

 2023746 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules)
 2023747 - ProApps TROJAN Evil JS Ransomware (trojan.rules)
 2824478 - ProApps TROJAN Zeus Panda Banker Malicious SSL Certificate Detected (trojan.rules)
 2824479 - ProApps TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules)
 2824480 - ProApps TROJAN Win32/Filecoder.Philadelphia.E .onion Proxy Domain (trojan.rules)
 2824481 - ProApps TROJAN GhostAdmin Bot USER Command (trojan.rules)
 2824482 - ProApps TROJAN GhostAdmin Bot JOIN Command (trojan.rules)
 2824483 - ProApps TROJAN GhostAdmin Bot FTP Login (trojan.rules)
 2824484 - ProApps TROJAN GhostAdmin Bot Keylogger FTP Upload (trojan.rules)
 2824485 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
 2824486 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
 2824487 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
 2824488 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.Marcher DNS Lookup (mobile_malware.rules)
 2824489 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Ecobatry.a Checkin (mobile_malware.rules)
 2824490 - ProApps TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules)
 2824491 - ProApps TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules)
 2824492 - ProApps TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules)
 2824493 - ProApps TROJAN DNS Query to Cerber Domain (156vkx . top) (trojan.rules)
 2824494 - ProApps TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules)
 2824495 - ProApps TROJAN DNS Query to Cerber Domain (15rnwa . top) (trojan.rules)
 2824496 - ProApps TROJAN DNS Query to Cerber Domain (1cqoww . top) (trojan.rules)
 2824497 - ProApps TROJAN DNS Query to Cerber Domain (15l2ub . top) (trojan.rules)
 2824498 - ProApps TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules)
 2824499 - ProApps TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules)
 2824500 - ProApps TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules)
 2824501 - ProApps TROJAN APT28 XTunnel DNS Lookup (trojan.rules)
 2824502 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Pletor.b Checkin (mobile_malware.rules)
 2824503 - ProApps MOBILE_MALWARE Android/Simplocker.R DNS Lookup (mobile_malware.rules)
 2824504 - ProApps TROJAN PadCrypt Ransomware DGA Checkin (trojan.rules)
 2824505 - ProApps TROJAN Ransomware Domain Detected (Padcrypt) (trojan.rules)
 2824506 - ProApps EXPLOIT Grandstream IP Phone Password Disclosure (exploit.rules)
 2824507 - ProApps TROJAN Unknown MalDoc CnC Beacon (trojan.rules)
 2824508 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish M1 Jan 18 2017 (current_events.rules)
 2824509 - ProApps CURRENT_EVENTS Successful Adobe Shared PDF Phish M2 Jan 18 2017 (current_events.rules)
 2824510 - ProApps CURRENT_EVENTS Successful MBNA Phish M1 Jan 18 2017 (current_events.rules)
 2824511 - ProApps CURRENT_EVENTS Successful MBNA Phish M2 Jan 18 2017 (current_events.rules)
 2824512 - ProApps CURRENT_EVENTS Successful MBNA Phish M3 Jan 18 2017 (current_events.rules)
 2824513 - ProApps CURRENT_EVENTS Successful Poste Italiane Phish Jan 18 2016 (current_events.rules)
 2824514 - ProApps CURRENT_EVENTS Successful LinkedIn Phish Jan 18 2017 (current_events.rules)
 2824515 - ProApps CURRENT_EVENTS Successful Netflix Phish Jan 18 2017 (current_events.rules)


[+++]          Modify rules:  162       [+++]

 2011582 - ProApps POLICY Vulnerable Java Version 1.6.x Detected (policy.rules)
 2013808 - ProApps TROJAN Dooptroop Dropper Checkin (trojan.rules)
 2014112 - ProApps TROJAN Dooptroop CnC Beacon (trojan.rules)
 2014297 - ProApps POLICY Vulnerable Java Version 1.7.x Detected (policy.rules)
 2019401 - ProApps POLICY Vulnerable Java Version 1.8.x Detected (policy.rules)
 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules)
 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules)
 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules)
 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules)
 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules)
 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules)
 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules)
 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules)
 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules)
 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules)
 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules)
 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules)
 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules)
 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules)
 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules)
 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules)
 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules)
 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules)
 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules)
 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules)
 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules)
 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules)
 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules)
 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules)
 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules)
 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules)
 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules)
 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules)
 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules)
 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules)
 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules)
 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules)
 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules)
 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules)
 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules)
 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules)
 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules)
 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules)
 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules)
 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules)
 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules)
 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules)
 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules)
 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules)
 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules)
 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules)
 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules)
 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules)
 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules)
 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules)
 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules)
 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules)
 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules)
 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules)
 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules)
 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules)
 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules)
 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules)
 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules)
 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules)
 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules)
 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules)
 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules)
 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules)
 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules)
 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules)
 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules)
 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules)
 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules)
 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules)
 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules)
 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules)
 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules)
 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules)
 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules)
 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules)
 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules)
 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules)
 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
 2806032 - ProApps TROJAN Win32.Scar.hhrw POST (trojan.rules)
 2812810 - ProApps MALWARE Win32/Adware.FileTour Variant PUP Checkin 3 (malware.rules)
 2821937 - ProApps CURRENT_EVENTS Successful Bank of America Phish M1 Aug 31 2016 (current_events.rules)
 2822899 - ProApps CURRENT_EVENTS Successful Windows Live Account Phish Oct 26 2016 (current_events.rules)


[+++]          Removed rules:  3       [+++]

 2014398 - ProApps TROJAN Generic.KD.291903/Win32.TrojanClicker.Agent.NII Nconfirm Checkin (trojan.rules)
 2805761 - ProApps TROJAN Trojan-Ransom.Win32.Foreign.vcs Checkin (trojan.rules)
 2824461 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules)


[***] ProApps Security IDS Rules Changelog started Tue Jan 17 16:38:37 2017 [***]

[+++]          Added rules:  45        [+++]

 2023742 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M2 (current_events.rules)
 2023743 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M1 (current_events.rules)
 2023744 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 M2 (current_events.rules)
 2023745 - ProApps CURRENT_EVENTS EITest SocEng Inject Jan 15 2017 EXE Download (current_events.rules)
 2819782 - ProApps TROJAN CrimeScene Mailer Requesting Config (trojan.rules)
 2824438 - ProApps CURRENT_EVENTS Magnitude EK Landing Jan 15 2017 M1 (current_events.rules)
 2824439 - ProApps CURRENT_EVENTS Magnitude EK Landing Jan 15 2017 M2 (current_events.rules)
 2824440 - ProApps CURRENT_EVENTS Magnitude EK Redirect Jan 15 2017 (current_events.rules)
 2824441 - ProApps CURRENT_EVENTS Natwest Phishing Landing Jan 17 2016 (current_events.rules)
 2824442 - ProApps CURRENT_EVENTS Successful Natwest Phish Jan 17 2016 (current_events.rules)
 2824443 - ProApps CURRENT_EVENTS Successful ING Direct Phish Jan 17 2017 (current_events.rules)
 2824444 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 17 2017 (current_events.rules)
 2824445 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 17 2017 (current_events.rules)
 2824446 - ProApps CURRENT_EVENTS Successful Mailbox Account Upgrade Phish Jan 17 2017 (current_events.rules)
 2824447 - ProApps CURRENT_EVENTS Successful Sparkasse (DE) Phish Jan 17 2017 (current_events.rules)
 2824448 - ProApps TROJAN Observed Malicious SSL Cert (Gootkit) (trojan.rules)
 2824449 - ProApps CURRENT_EVENTS GreenFlash SunDown EK Flash Exploit Jan 17 (current_events.rules)
 2824450 - ProApps TROJAN NanoBot .onion Proxy Domain (trojan.rules)
 2824451 - ProApps TROJAN DNS Query to Cerber Domain (19ob95 . top) (trojan.rules)
 2824452 - ProApps TROJAN DNS Query to Cerber Domain (16gjpm . top) (trojan.rules)
 2824453 - ProApps TROJAN DNS Query to Cerber Domain (12gzrv . top) (trojan.rules)
 2824454 - ProApps TROJAN DNS Query to Cerber Domain (17ldrv . top) (trojan.rules)
 2824455 - ProApps TROJAN DNS Query to Cerber Domain (15rnwa . top) (trojan.rules)
 2824456 - ProApps TROJAN DNS Query to Cerber Domain (1pbu64 . top) (trojan.rules)
 2824457 - ProApps TROJAN DNS Query to Cerber Domain (191jcq . top) (trojan.rules)
 2824458 - ProApps TROJAN DNS Query to Cerber Domain (1kdfj8 . top) (trojan.rules)
 2824459 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.SmsBlock.a SMS Exfil via SMTP (mobile_malware.rules)
 2824460 - ProApps MOBILE_MALWARE Trojan-Banker.AndroidOS.SmsBlock.a SMS Exfil via SMTP 2 (mobile_malware.rules)
 2824461 - ProApps TROJAN User-Agent (Xmaker) (trojan.rules)
 2824462 - ProApps TROJAN Madness DDOS SSL Cert (trojan.rules)
 2824463 - ProApps TROJAN Observed Malicious Domain SSL Cert in SNI (Unknown) (trojan.rules)
 2824464 - ProApps TROJAN Unknown CnC Checkin (trojan.rules)
 2824465 - ProApps TROJAN StrongPity SSL Cert (trojan.rules)
 2824466 - ProApps TROJAN StrongPity SSL Cert (trojan.rules)
 2824467 - ProApps CURRENT_EVENTS Successful Apple Phish M1 Jan 17 2017 (current_events.rules)
 2824468 - ProApps CURRENT_EVENTS Successful Apple Phish M2 Jan 17 2017 (current_events.rules)
 2824469 - ProApps CURRENT_EVENTS Successful Generic Mailbox Validation Phish Jan 17 2017 (current_events.rules)
 2824470 - ProApps CURRENT_EVENTS Successful Excel Phish M1 Jan 17 2017 (current_events.rules)
 2824471 - ProApps CURRENT_EVENTS Successful Excel Phish M2 Jan 17 2017 (current_events.rules)
 2824472 - ProApps CURRENT_EVENTS Successful Dynamic Folder Phish Jan 17 2017 (current_events.rules)
 2824473 - ProApps CURRENT_EVENTS Successful USAA Phish Jan 17 2017 (current_events.rules)
 2824474 - ProApps CURRENT_EVENTS Successful Capital One Phish Jan 17 2017 (current_events.rules)
 2824475 - ProApps CURRENT_EVENTS Successful Paypal Phish Jan 17 2016 (current_events.rules)
 2824476 - ProApps TROJAN GhostAdmin Sending Configs (trojan.rules)
 2824477 - ProApps MOBILE_MALWARE Trojan-Ransom.AndroidOS.Congur.a Checkin via SMTP (mobile_malware.rules)


[+++]          Modify rules:  198       [+++]

 2017131 - ProApps CURRENT_EVENTS Potential Internet Explorer Use After Free CVE-2013-3163 Exploit URI Struct 1 (current_events.rules)
 2020116 - ProApps POLICY DNS Query for .onion proxy Domain (onion.to) (policy.rules)
 2020126 - ProApps POLICY DNS Query for .onion proxy Domain (tor4pay.com) (policy.rules)
 2020133 - ProApps POLICY DNS Query for .onion proxy Domain (torminater.com) (policy.rules)
 2020430 - ProApps POLICY DNS Query for .onion proxy Domain (onion.city) (policy.rules)
 2022332 - ProApps POLICY DNS Query for .onion proxy Domain (onion.link) (policy.rules)
 2022644 - ProApps POLICY DNS Query for .onion proxy Domain (torgate.es) (policy.rules)
 2400000 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 1 (drop.rules)
 2400001 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 2 (drop.rules)
 2400002 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 3 (drop.rules)
 2400003 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 4 (drop.rules)
 2400004 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 5 (drop.rules)
 2400005 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 6 (drop.rules)
 2400006 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 7 (drop.rules)
 2400007 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 8 (drop.rules)
 2400008 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 9 (drop.rules)
 2400009 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 10 (drop.rules)
 2400010 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 11 (drop.rules)
 2400011 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 12 (drop.rules)
 2400012 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 13 (drop.rules)
 2400013 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 14 (drop.rules)
 2400014 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 15 (drop.rules)
 2400015 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 16 (drop.rules)
 2400016 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 17 (drop.rules)
 2400017 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 18 (drop.rules)
 2400018 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 19 (drop.rules)
 2400019 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 20 (drop.rules)
 2400020 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 21 (drop.rules)
 2400021 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 22 (drop.rules)
 2400022 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 23 (drop.rules)
 2400023 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 24 (drop.rules)
 2400024 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 25 (drop.rules)
 2400025 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 26 (drop.rules)
 2400026 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 27 (drop.rules)
 2400027 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 28 (drop.rules)
 2400028 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 29 (drop.rules)
 2400029 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 30 (drop.rules)
 2400030 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 31 (drop.rules)
 2400031 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 32 (drop.rules)
 2400032 - ProApps DROP Spamhaus DROP Listed Traffic Inbound group 33 (drop.rules)
 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules)
 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules)
 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules)
 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules)
 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules)
 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules)
 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules)
 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules)
 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules)
 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules)
 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules)
 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules)
 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules)
 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules)
 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules)
 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules)
 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules)
 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules)
 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules)
 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules)
 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules)
 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules)
 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules)
 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules)
 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules)
 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules)
 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules)
 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules)
 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules)
 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules)
 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules)
 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules)
 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules)
 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules)
 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules)
 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules)
 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules)
 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules)
 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules)
 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules)
 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules)
 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules)
 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules)
 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules)
 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules)
 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules)
 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules)
 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules)
 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules)
 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules)
 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules)
 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules)
 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules)
 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules)
 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules)
 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules)
 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules)
 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules)
 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules)
 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules)
 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules)
 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules)
 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules)
 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules)
 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules)
 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules)
 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules)
 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules)
 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules)
 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules)
 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules)
 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules)
 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules)
 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules)
 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules)
 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules)
 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules)
 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules)
 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules)
 2822942 - ProApps CURRENT_EVENTS Successful Yahoo Phish Oct 27 2016 (current_events.rules)
 2824241 - ProApps CURRENT_EVENTS Successful Paypal Phish M4 Jan 05 2017 (current_events.rules)
 2824242 - ProApps CURRENT_EVENTS Successful Paypal Phish M5 Jan 05 2017 (current_events.rules)
 2824243 - ProApps CURRENT_EVENTS Successful Paypal Phish M6 Jan 05 2017 (current_events.rules)


[+++]          Removed rules:  3       [+++]

 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)


[***] ProApps Security IDS Rules Changelog started Fri Jan 13 17:12:45 2017 [***]

[+++]          Added rules:  33        [+++]

 2023740 - ProApps TROJAN Possible Pony Payload DL (trojan.rules)
 2023741 - ProApps TROJAN Pony DLL Download M2 (trojan.rules)
 2824407 - ProApps CURRENT_EVENTS SunDown EK Payload Jan 12 2017 (current_events.rules)
 2824408 - ProApps CURRENT_EVENTS PowerShell Empire Session Initial Activity (current_events.rules)
 2824409 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824410 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824411 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824412 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824413 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824414 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824415 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824416 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824417 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824418 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824419 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824420 - ProApps TROJAN Cmstar or Etirehni or Related Implant DNS Lookup (trojan.rules)
 2824421 - ProApps TROJAN Win32.Bunitu DNS Lookup (trojan.rules)
 2824422 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules)
 2824423 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules)
 2824424 - ProApps TROJAN Nomri (Cmstar related) DNS Lookup (trojan.rules)
 2824425 - ProApps MOBILE_MALWARE Android.Trojan.InfoStealer.IB .onion Proxy Domain (mobile_malware.rules)
 2824426 - ProApps MOBILE_MALWARE Android.Trojan.FakeInst.DU Checkin 2 (mobile_malware.rules)
 2824427 - ProApps CURRENT_EVENTS Possible SunDownEK Payload Jan 13 2017 (current_events.rules)
 2824428 - ProApps WEB_SERVER PHP Ransomware Crypter Upload (web_server.rules)
 2824429 - ProApps TROJAN MSIL/ShinoBot HTTP CnC Checkin (trojan.rules)
 2824430 - ProApps CURRENT_EVENTS Successful Stripe Phish Jan 13 2017 (current_events.rules)
 2824431 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 13 2017 (current_events.rules)
 2824432 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 13 2017 (current_events.rules)
 2824433 - ProApps CURRENT_EVENTS Successful RBC Royal Bank Phish Jan 13 2017 (current_events.rules)
 2824434 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M1 Jan 13 2017 (current_events.rules)
 2824435 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M2 Jan 13 2017 (current_events.rules)
 2824436 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M3 Jan 13 2017 (current_events.rules)
 2824437 - ProApps CURRENT_EVENTS Successful Santander Bank Phish M4 Jan 13 2017 (current_events.rules)


[+++]          Modify rules:  173       [+++]

 2013721 - ProApps TROJAN Suspicious User-Agent (WindowsNT) With No Separating Space (trojan.rules)
 2016935 - ProApps WEB_SERVER SQL Injection Select Sleep Time Delay (web_server.rules)
 2018575 - ProApps TROJAN Possible Andromeda download with fake Zip header (1) (trojan.rules)
 2018576 - ProApps TROJAN Possible Andromeda download with fake Zip header (2) (trojan.rules)
 2021918 - ProApps TROJAN DustySky Checkin (trojan.rules)
 2022939 - ProApps CURRENT_EVENTS Possible Pony DLL Download (current_events.rules)
 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules)
 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules)
 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules)
 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules)
 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules)
 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules)
 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules)
 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules)
 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules)
 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules)
 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules)
 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules)
 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules)
 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules)
 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules)
 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules)
 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules)
 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules)
 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules)
 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules)
 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules)
 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules)
 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules)
 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules)
 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules)
 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules)
 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules)
 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules)
 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules)
 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules)
 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules)
 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules)
 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules)
 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules)
 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules)
 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules)
 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules)
 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules)
 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules)
 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules)
 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules)
 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules)
 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules)
 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules)
 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules)
 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules)
 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules)
 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules)
 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules)
 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules)
 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules)
 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules)
 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules)
 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules)
 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules)
 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules)
 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules)
 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules)
 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules)
 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules)
 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules)
 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules)
 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules)
 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules)
 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules)
 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules)
 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules)
 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules)
 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules)
 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules)
 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules)
 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules)
 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules)
 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules)
 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 4102 Group 1 (botcc.portgrouped.rules)
 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules)
 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules)
 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4492 Group 1 (botcc.portgrouped.rules)
 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules)
 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules)
 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules)
 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
 2803784 - ProApps SCADA Rockwell RNA Message Negative Header Length (scada.rules)
 2806121 - ProApps MOBILE_MALWARE Trojan.AndroidOS.MTK.a Checkin (mobile_malware.rules)
 2822347 - ProApps CURRENT_EVENTS Successful Adobe Shared Document Phish Oct 3 2016 (current_events.rules)
 2822380 - ProApps CURRENT_EVENTS Successful Paypal Phish Oct 04 2016 (current_events.rules)
 2822430 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules)
 2822434 - ProApps CURRENT_EVENTS Successful Dropbox Phish Oct 06 2016 (current_events.rules)
 2822466 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Oct 06 2016 (current_events.rules)
 2822471 - ProApps CURRENT_EVENTS Successful Google Drive Phish Oct 06 2016 (current_events.rules)
 2822482 - ProApps CURRENT_EVENTS SunDown/Xer Payload (URL Primer) (current_events.rules)
 2822848 - ProApps CURRENT_EVENTS Successful Generic Phish (Observed in Apple/Paypal/Amazon Campaigns) M1 Oct 25 2016 (current_events.rules)
 2822979 - ProApps CURRENT_EVENTS Possible Bizarro SunDown Payload (current_events.rules)


[+++]          Removed rules:  4       [+++]

 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
 2814617 - ProApps CURRENT_EVENTS Successful Excel Online Phish Oct 27 (current_events.rules)
 2815247 - ProApps CURRENT_EVENTS Successful Excel Online Phish Dec 8 (current_events.rules)


[***] ProApps Security IDS Rules Changelog started Thu Jan 12 17:15:31 2017 [***]

[+++]          Added rules:  23        [+++]

 2023739 - ProApps TROJAN Maldoc Second Stage VBS Downloader with URL Padding (trojan.rules)
 2405055 - ProApps CNC Shadowserver Reported CnC Server Port 19899 Group 1 (botcc.portgrouped.rules)
 2405056 - ProApps CNC Shadowserver Reported CnC Server Port 33333 Group 1 (botcc.portgrouped.rules)
 2824387 - ProApps TROJAN ARIK/Aaron Keylogger Download Request (trojan.rules)
 2824388 - ProApps TROJAN DNS Query to Cerber Domain (1fete1 . top) (trojan.rules)
 2824389 - ProApps TROJAN DNS Query to Cerber Domain (1nounl . top) (trojan.rules)
 2824390 - ProApps TROJAN DNS Query to Cerber Domain (wiaikl . top) (trojan.rules)
 2824391 - ProApps TROJAN DNS Query to Cerber Domain (ut1k1z . top) (trojan.rules)
 2824392 - ProApps TROJAN DNS Query to Cerber Domain (h4lu4i . bid) (trojan.rules)
 2824393 - ProApps TROJAN DNS Query to Cerber Domain (da34zi . bid) (trojan.rules)
 2824394 - ProApps TROJAN DNS Query to Cerber Domain (5p76tw . top) (trojan.rules)
 2824395 - ProApps TROJAN Marlboro/Wicked Ransomware CnC Checkin (trojan.rules)
 2824396 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.Dalik.a Checkin (mobile_malware.rules)
 2824397 - ProApps TROJAN Bluerid Stealer sending pass user via FTP (trojan.rules)
 2824398 - ProApps CURRENT_EVENTS Possible Successful Generic Phish (set) Jan 12 2017 (current_events.rules)
 2824399 - ProApps CURRENT_EVENTS Successful Paypal Phish M1 Jan 12 2017 (current_events.rules)
 2824400 - ProApps CURRENT_EVENTS Successful Netflix Phish M1 Jan 12 2017 (current_events.rules)
 2824401 - ProApps CURRENT_EVENTS Successful Netflix Phish M2 Jan 12 2017 (current_events.rules)
 2824402 - ProApps CURRENT_EVENTS Successful Paypal Phish M2 Jan 12 2017 (current_events.rules)
 2824403 - ProApps CURRENT_EVENTS Successful Apple (CA) Phish Jan 12 2017 (current_events.rules)
 2824404 - ProApps CURRENT_EVENTS Successful Bank of America Phish Jan 12 2017 (current_events.rules)
 2824405 - ProApps CURRENT_EVENTS Adobe Phishing Landing Jan 12 2017 (current_events.rules)
 2824406 - ProApps TROJAN APT28 DealersChoice DNS Lookup (trojan.rules)


[+++]          Modify rules:  164       [+++]

 2003492 - ProApps MALWARE Suspicious Mozilla User-Agent - Likely Fake (Mozilla/4.0) (malware.rules)
 2007994 - ProApps MALWARE Suspicious User-Agent (1 space) (malware.rules)
 2008120 - ProApps TFTP Outbound TFTP Read Request (tftp.rules)
 2013964 - ProApps TROJAN Suspicious UA Mozilla / 4.0 (trojan.rules)
 2023497 - ProApps DOS Microsoft Windows LSASS Remote Memory Corruption (CVE-2017-0004) (dos.rules)
 2402000 - ProApps DROP Dshield Block Listed Source group 1 (dshield.rules)
 2403300 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 1 (ciarmy.rules)
 2403301 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 2 (ciarmy.rules)
 2403302 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 3 (ciarmy.rules)
 2403303 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 4 (ciarmy.rules)
 2403304 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 5 (ciarmy.rules)
 2403305 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 6 (ciarmy.rules)
 2403306 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 7 (ciarmy.rules)
 2403307 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 8 (ciarmy.rules)
 2403308 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 9 (ciarmy.rules)
 2403309 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 10 (ciarmy.rules)
 2403310 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 11 (ciarmy.rules)
 2403311 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 12 (ciarmy.rules)
 2403312 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 13 (ciarmy.rules)
 2403313 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 14 (ciarmy.rules)
 2403314 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 15 (ciarmy.rules)
 2403315 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 16 (ciarmy.rules)
 2403316 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 17 (ciarmy.rules)
 2403317 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 18 (ciarmy.rules)
 2403318 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 19 (ciarmy.rules)
 2403319 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 20 (ciarmy.rules)
 2403320 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 21 (ciarmy.rules)
 2403321 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 22 (ciarmy.rules)
 2403322 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 23 (ciarmy.rules)
 2403323 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 24 (ciarmy.rules)
 2403324 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 25 (ciarmy.rules)
 2403325 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 26 (ciarmy.rules)
 2403326 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 27 (ciarmy.rules)
 2403327 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 28 (ciarmy.rules)
 2403328 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 29 (ciarmy.rules)
 2403329 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 30 (ciarmy.rules)
 2403330 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 31 (ciarmy.rules)
 2403331 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 32 (ciarmy.rules)
 2403332 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 33 (ciarmy.rules)
 2403333 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 34 (ciarmy.rules)
 2403334 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 35 (ciarmy.rules)
 2403335 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 36 (ciarmy.rules)
 2403336 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 37 (ciarmy.rules)
 2403337 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 38 (ciarmy.rules)
 2403338 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 39 (ciarmy.rules)
 2403339 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 40 (ciarmy.rules)
 2403340 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 41 (ciarmy.rules)
 2403341 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 42 (ciarmy.rules)
 2403342 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 43 (ciarmy.rules)
 2403343 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 44 (ciarmy.rules)
 2403344 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 45 (ciarmy.rules)
 2403345 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 46 (ciarmy.rules)
 2403346 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 47 (ciarmy.rules)
 2403347 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 48 (ciarmy.rules)
 2403348 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 49 (ciarmy.rules)
 2403349 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 50 (ciarmy.rules)
 2403350 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 51 (ciarmy.rules)
 2403351 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 52 (ciarmy.rules)
 2403352 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 53 (ciarmy.rules)
 2403353 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 54 (ciarmy.rules)
 2403354 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 55 (ciarmy.rules)
 2403355 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 56 (ciarmy.rules)
 2403356 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 57 (ciarmy.rules)
 2403357 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 58 (ciarmy.rules)
 2403358 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 59 (ciarmy.rules)
 2403359 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 60 (ciarmy.rules)
 2403360 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 61 (ciarmy.rules)
 2403361 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 62 (ciarmy.rules)
 2403362 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 63 (ciarmy.rules)
 2403363 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 64 (ciarmy.rules)
 2403364 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 65 (ciarmy.rules)
 2403365 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 66 (ciarmy.rules)
 2403366 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 67 (ciarmy.rules)
 2403367 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 68 (ciarmy.rules)
 2403368 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 69 (ciarmy.rules)
 2403369 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 70 (ciarmy.rules)
 2403370 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 71 (ciarmy.rules)
 2403371 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 72 (ciarmy.rules)
 2403372 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 73 (ciarmy.rules)
 2403373 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 74 (ciarmy.rules)
 2403374 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 75 (ciarmy.rules)
 2403375 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 76 (ciarmy.rules)
 2403376 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 77 (ciarmy.rules)
 2403377 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 78 (ciarmy.rules)
 2403378 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 79 (ciarmy.rules)
 2403379 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 80 (ciarmy.rules)
 2403380 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 81 (ciarmy.rules)
 2403381 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 82 (ciarmy.rules)
 2403382 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 83 (ciarmy.rules)
 2403383 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 84 (ciarmy.rules)
 2403384 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 85 (ciarmy.rules)
 2403385 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 86 (ciarmy.rules)
 2403386 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 87 (ciarmy.rules)
 2403387 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 88 (ciarmy.rules)
 2403388 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 89 (ciarmy.rules)
 2403389 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 90 (ciarmy.rules)
 2403390 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 91 (ciarmy.rules)
 2403391 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 92 (ciarmy.rules)
 2403392 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 93 (ciarmy.rules)
 2403393 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 94 (ciarmy.rules)
 2403394 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 95 (ciarmy.rules)
 2403395 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 96 (ciarmy.rules)
 2403396 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 97 (ciarmy.rules)
 2403397 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 98 (ciarmy.rules)
 2403398 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 99 (ciarmy.rules)
 2403399 - ProApps CINS Active Threat Intelligence Poor Reputation IP group 100 (ciarmy.rules)
 2405000 - ProApps CNC Shadowserver Reported CnC Server Port 22 Group 1 (botcc.portgrouped.rules)
 2405001 - ProApps CNC Shadowserver Reported CnC Server Port 80 Group 1 (botcc.portgrouped.rules)
 2405002 - ProApps CNC Shadowserver Reported CnC Server Port 81 Group 1 (botcc.portgrouped.rules)
 2405003 - ProApps CNC Shadowserver Reported CnC Server Port 223 Group 1 (botcc.portgrouped.rules)
 2405004 - ProApps CNC Shadowserver Reported CnC Server Port 443 Group 1 (botcc.portgrouped.rules)
 2405005 - ProApps CNC Shadowserver Reported CnC Server Port 444 Group 1 (botcc.portgrouped.rules)
 2405006 - ProApps CNC Shadowserver Reported CnC Server Port 805 Group 1 (botcc.portgrouped.rules)
 2405007 - ProApps CNC Shadowserver Reported CnC Server Port 1023 Group 1 (botcc.portgrouped.rules)
 2405008 - ProApps CNC Shadowserver Reported CnC Server Port 1337 Group 1 (botcc.portgrouped.rules)
 2405009 - ProApps CNC Shadowserver Reported CnC Server Port 1881 Group 1 (botcc.portgrouped.rules)
 2405010 - ProApps CNC Shadowserver Reported CnC Server Port 1888 Group 1 (botcc.portgrouped.rules)
 2405011 - ProApps CNC Shadowserver Reported CnC Server Port 2087 Group 1 (botcc.portgrouped.rules)
 2405012 - ProApps CNC Shadowserver Reported CnC Server Port 2222 Group 1 (botcc.portgrouped.rules)
 2405013 - ProApps CNC Shadowserver Reported CnC Server Port 2319 Group 1 (botcc.portgrouped.rules)
 2405014 - ProApps CNC Shadowserver Reported CnC Server Port 3211 Group 1 (botcc.portgrouped.rules)
 2405015 - ProApps CNC Shadowserver Reported CnC Server Port 3303 Group 1 (botcc.portgrouped.rules)
 2405016 - ProApps CNC Shadowserver Reported CnC Server Port 3306 Group 1 (botcc.portgrouped.rules)
 2405017 - ProApps CNC Shadowserver Reported CnC Server Port 3993 Group 1 (botcc.portgrouped.rules)
 2405018 - ProApps CNC Shadowserver Reported CnC Server Port 4042 Group 1 (botcc.portgrouped.rules)
 2405019 - ProApps CNC Shadowserver Reported CnC Server Port 4244 Group 1 (botcc.portgrouped.rules)
 2405020 - ProApps CNC Shadowserver Reported CnC Server Port 4318 Group 1 (botcc.portgrouped.rules)
 2405021 - ProApps CNC Shadowserver Reported CnC Server Port 4433 Group 1 (botcc.portgrouped.rules)
 2405022 - ProApps CNC Shadowserver Reported CnC Server Port 4676 Group 1 (botcc.portgrouped.rules)
 2405023 - ProApps CNC Shadowserver Reported CnC Server Port 6556 Group 1 (botcc.portgrouped.rules)
 2405024 - ProApps CNC Shadowserver Reported CnC Server Port 6567 Group 1 (botcc.portgrouped.rules)
 2405025 - ProApps CNC Shadowserver Reported CnC Server Port 6660 Group 1 (botcc.portgrouped.rules)
 2405026 - ProApps CNC Shadowserver Reported CnC Server Port 6662 Group 1 (botcc.portgrouped.rules)
 2405027 - ProApps CNC Shadowserver Reported CnC Server Port 6663 Group 1 (botcc.portgrouped.rules)
 2405028 - ProApps CNC Shadowserver Reported CnC Server Port 6664 Group 1 (botcc.portgrouped.rules)
 2405029 - ProApps CNC Shadowserver Reported CnC Server Port 6665 Group 1 (botcc.portgrouped.rules)
 2405030 - ProApps CNC Shadowserver Reported CnC Server Port 6666 Group 1 (botcc.portgrouped.rules)
 2405031 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 1 (botcc.portgrouped.rules)
 2405032 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 2 (botcc.portgrouped.rules)
 2405033 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 3 (botcc.portgrouped.rules)
 2405034 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 4 (botcc.portgrouped.rules)
 2405035 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 5 (botcc.portgrouped.rules)
 2405036 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 6 (botcc.portgrouped.rules)
 2405037 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 7 (botcc.portgrouped.rules)
 2405038 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 8 (botcc.portgrouped.rules)
 2405039 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 9 (botcc.portgrouped.rules)
 2405040 - ProApps CNC Shadowserver Reported CnC Server Port 6667 Group 10 (botcc.portgrouped.rules)
 2405041 - ProApps CNC Shadowserver Reported CnC Server Port 6668 Group 1 (botcc.portgrouped.rules)
 2405042 - ProApps CNC Shadowserver Reported CnC Server Port 6669 Group 1 (botcc.portgrouped.rules)
 2405043 - ProApps CNC Shadowserver Reported CnC Server Port 6764 Group 1 (botcc.portgrouped.rules)
 2405044 - ProApps CNC Shadowserver Reported CnC Server Port 6768 Group 1 (botcc.portgrouped.rules)
 2405045 - ProApps CNC Shadowserver Reported CnC Server Port 7000 Group 1 (botcc.portgrouped.rules)
 2405046 - ProApps CNC Shadowserver Reported CnC Server Port 7100 Group 1 (botcc.portgrouped.rules)
 2405047 - ProApps CNC Shadowserver Reported CnC Server Port 7770 Group 1 (botcc.portgrouped.rules)
 2405048 - ProApps CNC Shadowserver Reported CnC Server Port 8080 Group 1 (botcc.portgrouped.rules)
 2405049 - ProApps CNC Shadowserver Reported CnC Server Port 8089 Group 1 (botcc.portgrouped.rules)
 2405050 - ProApps CNC Shadowserver Reported CnC Server Port 8585 Group 1 (botcc.portgrouped.rules)
 2405051 - ProApps CNC Shadowserver Reported CnC Server Port 9000 Group 1 (botcc.portgrouped.rules)
 2405052 - ProApps CNC Shadowserver Reported CnC Server Port 10324 Group 1 (botcc.portgrouped.rules)
 2405053 - ProApps CNC Shadowserver Reported CnC Server Port 11830 Group 1 (botcc.portgrouped.rules)
 2405054 - ProApps CNC Shadowserver Reported CnC Server Port 13001 Group 1 (botcc.portgrouped.rules)
 2806671 - ProApps TROJAN TeamRat Stealer sending pass user via FTP (trojan.rules)
 2814597 - ProApps MOBILE_MALWARE Trojan-Spy.AndroidOS.SaveMe.a Checkin (mobile_malware.rules)
 2822224 - ProApps CURRENT_EVENTS Successful Western Union/Paypal Phish Sept 26 2016 (current_events.rules)


[+++]          Removed rules:  5       [+++]

 2823017 - ProApps CURRENT_EVENTS Successful Generic Phish Oct 31 2016 (current_events.rules)
 2823783 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 12 2016 (current_events.rules)
 2823877 - ProApps CURRENT_EVENTS Successful Discover Phish M1 Dec 14 2016 (current_events.rules)
 2823902 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 15 2016 (current_events.rules)
 2823919 - ProApps CURRENT_EVENTS Successful Generic Phish Dec 16 2016 (current_events.rules)

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
Help Desk Software by Kayako