Daily Ruleset Update Summary 1/18/2012

5 new Open rules, 7 new Pro rules, and a lot of tweaks. Enjoy!

[+++]          Added rules:          [+++]

2014132 – ET ACTIVEX HP Easy Printer Care Software XMLCacheMgr ActiveX Control Remote Code Execution Attempt (activex.rules)

2014133 – ET TROJAN W32/Jiwerks.A Checkin (trojan.rules)

2014135 – ET TROJAN Zeus/Reveton checkin to /images.rar (trojan.rules)

2014136 – ET CURRENT_EVENTS Unknown Java Exploit Version Check with hidden applet (current_events.rules)

2014137 – ET MALWARE Common Adware Library ISX User Agent Detected (malware.rules)

New Pro:

2804323 – ETPRO TROJAN Win32/Ransom.EJ checkin (trojan.rules)

2804324 – ETPRO TROJAN Trojan-PSW.Win32.Ruftar.lon sending stolen data via FTP (trojan.rules)

2804325 – ETPRO TROJAN TrojanDownloader.Win32/Karagany.H checkin (trojan.rules)

2804326 – ETPRO TROJAN Variant.Zusy.572 Checkin (trojan.rules)

2804327 – ETPRO TROJAN Win32/Cleaman.G Checkin (trojan.rules)

2804328 – ETPRO TROJAN TrojWare.Win32.Hoax.ArchSMS Install (trojan.rules)

2804329 – ETPRO TROJAN Virus.Win32.OnLineGames!IK Checkin (trojan.rules)

Moved to Policy:

2011819 – ET POLICY Zero Content-Length HTTP POST with data (outbound) (policy.rules)

[///]     Modified active rules:     [///]

2002400 – ET USER_AGENTS Suspicious User Agent (Microsoft Internet Explorer) (user_agents.rules)

2003486 – ET USER_AGENTS Drivecleaner.com Spyware User-Agent (DriveCleaner Updater) (user_agents.rules)

2003493 – ET MALWARE AskSearch Spyware User-Agent (AskSearchAssistant) (malware.rules)

2008453 – ET SCAN Tomcat Auth Brute Force attempt (admin) (scan.rules)

2008454 – ET SCAN Tomcat Auth Brute Force attempt (tomcat) (scan.rules)

2008455 – ET SCAN Tomcat Auth Brute Force attempt (manager) (scan.rules)

2008625 – ET P2P Pando Client User-Agent Detected (Mozilla/4.0 (Windows U) Pando/1.xx) (p2p.rules)

2009154 – ET SCAN Automated Injection Tool User-Agent (AutoGetColumn) (scan.rules)

2011029 – ET SCAN Netsparker Default User-Agent (scan.rules)

2011701 – ET P2P Bittorrent P2P Client User-Agent (Opera/10.x) (p2p.rules)

2011703 – ET P2P Bittorrent P2P Client User-Agent (Enhanced CTorrent 3.x) (p2p.rules)

2011708 – ET P2P Bittorrent P2P Client User-Agent (Blizzard Downloader 2.x) (p2p.rules)

2012179 – ET WEB_CLIENT Adobe Reader and Acrobat U3D File Invalid Array Index Remote Code Execution Attempt (web_client.rules)

2012312 – ET TROJAN Generic Trojan with /? and Indy Library User-Agent (trojan.rules)

2012629 – ET USER_AGENTS Unknown Trojan User-Agent IE6 on Windows XP (user_agents.rules)

2013173 – ET USER_AGENTS Atomic_Email_Hunter User-Agent Inbound (user_agents.rules)

2013174 – ET USER_AGENTS Atomic_Email_Hunter User-Agent Outbound (user_agents.rules)

2013391 – ET TROJAN Ufasoft bitcoin Related User-Agent (trojan.rules)

2800624 – ETPRO ACTIVEX Microsoft Internet Explorer COM Object Instantiation Memory Corruption (activex.rules)

2801446 – ETPRO WEB_CLIENT Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (web_client.rules)

2801454 – ETPRO WEB_CLIENT Windows Media Player ehtrace.dll Insecure Library Loading (web_client.rules)

2801460 – ETPRO WEB_CLIENT Microsoft Office Groove 2007 Insecure Library Loading Code Execution – Set (web_client.rules)

2801468 – ETPRO WEB_CLIENT Insecure Library Loading Request (.dll) (web_client.rules)

2801514 – ETPRO WEB_CLIENT Multiple Load Library Vulns dwmapi.dll Insecure Library Loading (web_client.rules)

2801570 – ETPRO NETBIOS IBM Lotus Notes nnoteswc.dll Insecure Library Loading – SMB-DS Unicode (netbios.rules)

2801571 – ETPRO NETBIOS IBM Lotus Notes nnoteswc.dll Insecure Library Loading – SMB-DS ASCII (netbios.rules)

2801572 – ETPRO NETBIOS IBM Lotus Notes nnoteswc.dll Insecure Library Loading – SMB Unicode (netbios.rules)

2801573 – ETPRO NETBIOS IBM Lotus Notes nnoteswc.dll Insecure Library Loading – SMB ASCII (netbios.rules)

2801574 – ETPRO WEB_CLIENT IBM Lotus Notes nnoteswc.dll Insecure Library Loading (web_client.rules)

2801960 – ETPRO TROJAN Unknown Dropper Checkin start.php (trojan.rules)

2802106 – ETPRO POLICY MOBILE iPhone iTunes User-Agent Detected (policy.rules)

2803343 – ETPRO TROJAN Common Trojan User-Agent Pattern Mozilla5.0 wget3.0 (trojan.rules)

2803589 – ETPRO TROJAN Win32.Banker.FGU Checkin 2 (trojan.rules)

[---]  Disabled and modified rules:  [---]

2800094 – ETPRO EXPLOIT Microsoft Windows Active Directory Crafted LDAP Request Buffer Overflow (exploit.rules)

2800095 – ETPRO EXPLOIT Microsoft Windows Active Directory Crafted LDAP Request Buffer Overflow (exploit.rules)

2800099 – ETPRO IMAP Ipswitch IMail Server IMAP SEARCH Command Buffer Overflow (imap.rules)

[---]         Disabled rules:        [---]

2002851 – ET FTP HP-UX LIST command without login (ftp.rules)

2007604 – ET TROJAN Proxy.Win32.Wopla.ag Server Reply (trojan.rules)

2803270 – ETPRO TROJAN Common Downloader Header Pattern UHCa (trojan.rules)

2803274 – ETPRO TROJAN Common Downloader Header Pattern UH (trojan.rules)

2803340 – ETPRO TROJAN Common Downloader Header Pattern AAeUHCnCk (trojan.rules)

2803427 – ETPRO TROJAN Common Trojan Header Pattern Accept with double slash (trojan.rules)

2803494 – ETPRO TROJAN Common Downloader POST Header Pattern POST ACtHUCo data= (trojan.rules)
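Applying a "Disabled rules" list by hand is error-prone, and on an Open-only sensor several of the ETPRO SIDs above will simply not exist locally. The script below is an added example (not part of this update and not Emerging Threats tooling) that comments out the listed SIDs in a Snort/Suricata-syntax rules file and reports which SIDs were disabled, were already commented out, or were not found. The embedded ruleset is constructed for the example: the SIDs are taken from this post, but the rule bodies are placeholders, not the real ET/ETPRO rule content.

```python
import re

# Constructed sample ruleset for this example. SIDs come from the update above;
# the rule bodies are placeholders, NOT the actual ET/ETPRO rules.
SAMPLE_RULES = """\
alert tcp $HOME_NET any -> $EXTERNAL_NET 21 (msg:"placeholder A"; sid:2002851; rev:5;)
# alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"placeholder B"; sid:2007604; rev:3;)
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"placeholder C"; sid:2803270; rev:2;)
alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"placeholder D"; sid:2014133; rev:1;)
"""

# SIDs listed under "Disabled rules" in this update.
DISABLED_SIDS = {2002851, 2007604, 2803270, 2803274, 2803340, 2803427, 2803494}

# The sid keyword is terminated by ';' so a literal such as content:"sid:1"
# inside a quoted string does not match.
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
COMMENT_RE = re.compile(r"^\s*#")


def parse_sid(line):
    """Return the SID of a rule line, or None if the line carries no sid keyword."""
    m = SID_RE.search(line)
    return int(m.group(1)) if m else None


def is_commented(line):
    """True if the rule line is already disabled with a leading '#'."""
    return COMMENT_RE.match(line) is not None


def apply_disable(ruleset_text, sids):
    """Comment out every rule whose SID is in `sids`.

    Returns (new_text, report). The report holds three sets: 'disabled'
    (changed by this call), 'already_disabled' (found but already commented)
    and 'missing' (listed in the update but absent from the local file, e.g.
    ETPRO SIDs on an Open-only install). Lines that are not rules pass through.
    """
    out = []
    seen, disabled, already = set(), set(), set()
    for line in ruleset_text.splitlines():
        sid = parse_sid(line)
        if sid is not None and sid in sids:
            seen.add(sid)
            if is_commented(line):
                already.add(sid)
                out.append(line)
            else:
                disabled.add(sid)
                out.append("# " + line)
        else:
            out.append(line)
    report = {
        "disabled": disabled,
        "already_disabled": already,
        "missing": set(sids) - seen,
    }
    return "\n".join(out) + "\n", report


if __name__ == "__main__":
    new_text, report = apply_disable(SAMPLE_RULES, DISABLED_SIDS)
    print(new_text)
    for key in ("disabled", "already_disabled", "missing"):
        print(f"{key}: {sorted(report[key])}")
```

The "missing" set is the check worth keeping: a SID that is in the update but not in the local file is either a Pro rule you do not subscribe to or a sign your local copy is out of date. If you manage rules with PulledPork, the equivalent is adding `1:<sid>` entries to disablesid.conf rather than editing the rules file directly.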
