Snort mailing list archives
Re: Feodo Botnet
From: "Arbeiter, Stefan (K-SIS-O/1)" <stefan.arbeiter () volkswagen de>
Date: Fri, 24 Jan 2014 13:34:38 +0000
Hi all, malwaremustdie has additional details: http[://]malwaremustdie.blogspot[.]de/2013/01/cridex-fareit-infection-analysis.html?spref=tw&m=1 including this User-Agent Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US No FP so far. Von: James Lay [mailto:jlay () slave-tothe-box net] Gesendet: Freitag, 24. Januar 2014 12:59 An: snort-sigs () lists sourceforge net Betreff: Re: [Snort-sigs] Feodo Botnet On Fri, 2014-01-24 at 11:36 +0100, Lukas Matt wrote: Hi guys, our sources are reporting heavy spam loads created by the Feodo Botnet. A quick search on the rules produced no result. Does guys (https://feodotracker.abuse.ch/blocklist.php?download=snort) wrote already some IPS rules. Will there be a update in future? Regards, Lukas Nice work..thank you. James
------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Feodo Botnet Lukas Matt (Jan 24)
- Re: Feodo Botnet James Lay (Jan 24)
- Re: Feodo Botnet Arbeiter, Stefan (K-SIS-O/1) (Jan 24)
- Re: Feodo Botnet James Lay (Jan 24)