[Emerging-Sigs] Daily Ruleset Update Summary 2018/02/12

Travis Green tgreen at emergingthreats.net
Mon Feb 12 12:44:08 HST 2018


[***]            Summary:            [***]

5 new Open, 16 new Pro (5 + 11).  W32/SPARS, Trensil.B CnC, Various
Phishing.


[+++]          Added rules:          [+++]

Open:

 2025341 - ET CURRENT_EVENTS Facebook Phishing Landing 2018-02-12 (current_events.rules)
 2025342 - ET CURRENT_EVENTS OneDrive Phishing Landing 2018-02-12 (current_events.rules)
 2025343 - ET CURRENT_EVENTS Wells Fargo Phishing Landing 2018-02-12 (current_events.rules)
 2025344 - ET TROJAN W32/SPARS/ARS Stealer Checkin (trojan.rules)
 2025345 - ET CURRENT_EVENTS Fake AV Phone Scam Landing Feb 12 (current_events.rules)

Pro:

 2829627 - ETPRO TROJAN Observed Malicious SSL Cert (Trensil.B CnC) (trojan.rules)
 2829628 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 1) (trojan.rules)
 2829629 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 2) (trojan.rules)
 2829630 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 3) (trojan.rules)
 2829631 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 4) (trojan.rules)
 2829632 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 5) (trojan.rules)
 2829633 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 6) (trojan.rules)
 2829634 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 7) (trojan.rules)
 2829635 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 8) (trojan.rules)
 2829636 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2018-02-12 9) (trojan.rules)
 2829637 - ETPRO TROJAN Net-Worm.Win32.Kolabc Checkin (trojan.rules)


[///]     Modified active rules:     [///]

 2025333 - ET CURRENT_EVENTS Successful Generic .EDU Phish (Legit Set) (current_events.rules)
 2828467 - ETPRO TROJAN MSIL/MarioRAT Sending Screenshot to CnC (trojan.rules)
 2829459 - ETPRO TROJAN Win32/Agent.ZGL Variant W32/UDPOS Checkin (trojan.rules)
 2829617 - ETPRO EXPLOIT Adobe Flash Use After Free (CVE-2018-4877) (exploit.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>