[Emerging-Sigs] Daily Ruleset Update Summary 2018/02/27

Travis Green tgreen at emergingthreats.net
Tue Feb 27 12:32:49 HST 2018


[***]            Summary:            [***]

1 new Open, 18 new Pro (1 + 17). Panda.Banker, PUP.Installmonster,
W32/Kutaki, Various Phishing, Various Mobile.

Try the new feedback tool: https://feedback.emergingthreats.net/feedback


[+++]          Added rules:          [+++]

Open:

 2025400 - ET USER_AGENTS APN/Ask Toolbar PUA/PUP User-Agent
(user_agents.rules)

Pro:

 2829811 - ETPRO CURRENT_EVENTS Successful Stripe Phish 2018-02-27
(current_events.rules)
 2829812 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-02-27
(current_events.rules)
 2829813 - ETPRO CURRENT_EVENTS Successful Verified by Visa Phish
2018-02-27 (current_events.rules)
 2829814 - ETPRO CURRENT_EVENTS Successful Ziraat Bank Phish 2018-02-27
(current_events.rules)
 2829815 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2018-02-27 M1
(current_events.rules)
 2829816 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2018-02-27 M2
(current_events.rules)
 2829817 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2018-02-27
(current_events.rules)
 2829818 - ETPRO CURRENT_EVENTS Successful Impots.gouv.fr Phish 2018-02-27
(current_events.rules)
 2829819 - ETPRO TROJAN Observed Malicious SSL Cert (Cobalt Group CnC)
(trojan.rules)
 2829820 - ETPRO TROJAN Observed Malicious SSL Cert (Cobalt Group CnC 2)
(trojan.rules)
 2829821 - ETPRO TROJAN Panda.Banker Malicious SSL Certificate Detected
(trojan.rules)
 2829822 - ETPRO MALWARE PUP.Installmonster Hardcoded UA M2 (malware.rules)
 2829823 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.DroidSpy.a Checkin
(mobile_malware.rules)
 2829824 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
292 (mobile_malware.rules)
 2829825 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin
293 (mobile_malware.rules)
 2829826 - ETPRO TROJAN W32/Kutaki Checkin (trojan.rules)
 2829827 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-02-27 1) (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20180227/70e54ae5/attachment.html>


More information about the Emerging-sigs mailing list