Update changelog for 20181220.165251 release

Author: gwillem

debian/changelog

@@ -1,3 +1,127 @@
+mwscan (20181220.165251) xenial; urgency=medium
+
+  [ Willem de Groot ]
+  * Updated CentOS instructions
+
+  [ Max Chadwick ]
+  * Use HTTPS in instructions (#206)
+
+  [ thomasbrockmeier ]
+  * add brewtees.com burner domain (#207)
+
+  [ Willem de Groot ]
+  * brewtees.com from burner to hijacked, see #207 (#208)
+
+  [ thomasbrockmeier ]
+  * add compromised domain (#209)
+
+  [ Willem de Groot ]
+  * Add cratfsman hijacker (#210)
+  * Add extra rule for encrypted webshell (#211)
+  * Add reinfection mechanism sample (#212)
+  * Py2.6 doesnt have keyword args for decode() (#205)
+  * Maxided server spam (#215)
+
+  [ Jeroen Vermeulen ]
+  * Whitelisted es5-ext JS file (#214)
+
+  [ thomasbrockmeier ]
+  * This strain was spotted in the wild with an 8 character offset (#216)
+  * adds jquery-js.com (#217)
+
+  [ Willem de Groot ]
+  * Added google-anaiytic.com burner
+  * Add cdn-ch.org skimmer (#218)
+  * Froghopper backdoor dropper in gif asset (#219)
+  * Update README.md
+  * Removed fp due to false positives (#220)
+  * Walletgear obfuscated malware (#221)
+  * Malware killing malware (#222)
+  * Added market-stats.com burner (reg 2017) (#223)
+  * Found a load of new malware by cross-referencing (#224)
+  * TCI auto hijacked lightbox (#225)
+  * Remove hex eval: FP (#226)
+  * Remove too generic FP sigs (#227)
+  * Update burner-domains.txt
+  * Erpflex hijack (#228)
+
+  [ GoonCyberSec ]
+  * Update burner-domains.txt (#230)
+
+  [ Willem de Groot ]
+  * Add fake googletagmanager burner (#232)
+  * Add jscontroller.stream burner (~500 hits) (#233)
+  * Add allyouwant.online, see SE question (#234)
+  * Update burner-domains.txt
+  * Add https://magentocore.net/clear.json
+  * Moved FP to suspicious.yar (#235)
+  * Add mage.js from magentocore.net
+  * Remove FP from custom
+  * Moved cloudservice.tw from frontend to burners
+  * Add g-analytics analytics.js
+  * Added magento.name (replacement for magentocore.net)
+
+  [ Besselink ]
+  * Update who-is-using.md (#236)
+
+  [ krautface ]
+  * Added exfil domains (#237)
+
+  [ Willem de Groot ]
+  * Update README with early access notice
+  * README.md typo
+  * Update README.md
+  * Update README.md
+  * Added Gossi's find https://twitter.com/GossiTheDog/status/1042807834109456384
+
+  [ pmcmanaman ]
+  * Update burner-domains.txt (#238)
+  * add domains from (#239)
+
+  [ Fabio Ros ]
+  * New malwares, and doc improvements (#240)
+
+  [ Roland Walraven ]
+  * Add whitelist entries for obfuscated licence check. (#241)
+
+  [ Willem de Groot ]
+  * Update README.md
+
+  [ pmcmanaman ]
+  * add more domains (#242)
+
+  [ Willem de Groot ]
+  * Update README.md
+
+  [ evlhomer ]
+  * Added magento-analytics.com (#243)
+
+  [ Dave Chamberlain ]
+  * Added new domain (#244)
+
+  [ Edwin ]
+  * Update burner-domains.txt (#245)
+
+  [ Jonas Hünig ]
+  * Added whitelist for phpwcms (#248)
+
+  [ leeps ]
+  * Whitelist: Add more versions of sqlparser.lib.php (#247)
+
+  [ Jonas Hünig ]
+  * more exact matching for eval_post (#249)
+
+  [ Lucas van Staden ]
+  * Add way to combine with mailx for hosted server cron usage (#250)
+
+  [ Yuxael Egotk ]
+  * Fix handling of files with cached rulesets (#251)
+
+  [ Willem de Groot ]
+  * Update version in setup.py to 20181220.165251
+
+ -- Willem de Groot <[email protected]>  Thu, 20 Dec 2018 16:52:58 +0100
+
 mwscan (20180510.172121) xenial; urgency=medium
 
   [ evlhomer ]