Skip to content

Commit

Permalink
Update changelog for 20181220.165251 release
Browse files Browse the repository at this point in the history
  • Loading branch information
@gwillem
gwillem committed Dec 20, 2018
1 parent 5606d57 commit cb29e43
Showing 1 changed file with 124 additions and 0 deletions.
124 changes: 124 additions & 0 deletions debian/changelog
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,127 @@
mwscan (20181220.165251) xenial; urgency=medium

[ Willem de Groot ]
* Updated CentOS instructions

[ Max Chadwick ]
* Use HTTPS in instructions (#206)

[ thomasbrockmeier ]
* add brewtees.com burner domain (#207)

[ Willem de Groot ]
* brewtees.com from burner to hijacked, see #207 (#208)

[ thomasbrockmeier ]
* add compromised domain (#209)

[ Willem de Groot ]
* Add cratfsman hijacker (#210)
* Add extra rule for encrypted webshell (#211)
* Add reinfection mechanism sample (#212)
* Py2.6 doesnt have keyword args for decode() (#205)
* Maxided server spam (#215)

[ Jeroen Vermeulen ]
* Whitelisted es5-ext JS file (#214)

[ thomasbrockmeier ]
* This strain was spotted in the wild with an 8 character offset (#216)
* adds jquery-js.com (#217)

[ Willem de Groot ]
* Added google-anaiytic.com burner
* Add cdn-ch.org skimmer (#218)
* Froghopper backdoor dropper in gif asset (#219)
* Update README.md
* Removed fp due to false positives (#220)
* Walletgear obfuscated malware (#221)
* Malware killing malware (#222)
* Added market-stats.com burner (reg 2017) (#223)
* Found a load of new malware by cross-referencing (#224)
* TCI auto hijacked lightbox (#225)
* Remove hex eval: FP (#226)
* Remove too generic FP sigs (#227)
* Update burner-domains.txt
* Erpflex hijack (#228)

[ GoonCyberSec ]
* Update burner-domains.txt (#230)

[ Willem de Groot ]
* Add fake googletagmanager burner (#232)
* Add jscontroller.stream burner (~500 hits) (#233)
* Add allyouwant.online, see SE question (#234)
* Update burner-domains.txt
* Add https://magentocore.net/clear.json
* Moved FP to suspicious.yar (#235)
* Add mage.js from magentocore.net
* Remove FP from custom
* Moved cloudservice.tw from frontend to burners
* Add g-analytics analytics.js
* Added magento.name (replacement for magentocore.net)

[ Besselink ]
* Update who-is-using.md (#236)

[ krautface ]
* Added exfil domains (#237)

[ Willem de Groot ]
* Update README with early access notice
* README.md typo
* Update README.md
* Update README.md
* Added Gossi's find https://twitter.com/GossiTheDog/status/1042807834109456384

[ pmcmanaman ]
* Update burner-domains.txt (#238)
* add domains from (#239)

[ Fabio Ros ]
* New malwares, and doc improvements (#240)

[ Roland Walraven ]
* Add whitelist entries for obfuscated licence check. (#241)

[ Willem de Groot ]
* Update README.md

[ pmcmanaman ]
* add more domains (#242)

[ Willem de Groot ]
* Update README.md

[ evlhomer ]
* Added magento-analytics.com (#243)

[ Dave Chamberlain ]
* Added new domain (#244)

[ Edwin ]
* Update burner-domains.txt (#245)

[ Jonas Hünig ]
* Added whitelist for phpwcms (#248)

[ leeps ]
* Whitelist: Add more versions of sqlparser.lib.php (#247)

[ Jonas Hünig ]
* more exact matching for eval_post (#249)

[ Lucas van Staden ]
* Add way to combine with mailx for hosted server cron usage (#250)

[ Yuxael Egotk ]
* Fix handling of files with cached rulesets (#251)

[ Willem de Groot ]
* Update version in setup.py to 20181220.165251

-- Willem de Groot <gwillem@gmail.com> Thu, 20 Dec 2018 16:52:58 +0100

mwscan (20180510.172121) xenial; urgency=medium

[ evlhomer ]
Expand Down

0 comments on commit cb29e43

Please sign in to comment.