[Emerging-Sigs] Daily Ruleset Update Summary 2019/04/18
Jason Williams
jwilliams at emergingthreats.net
Thu Apr 18 14:04:20 HDT 2019
[***] Summary: [***]
12 new Open, 20 new Pro (12 + 8). Sauron, Coinminers, Various Phishing.
[+++] Added rules: [+++]
Open:
2027220 - ET MOBILE_MALWARE Windows Phone PUA.Redpher (myservicessapps
.com in DNS Lookup) (mobile_malware.rules)
2027221 - ET TROJAN Observed Malicious SSL Cert (Unattributed CnC)
(trojan.rules)
2027222 - ET TROJAN Observed Malicious SSL Cert (Unattributed CnC)
(trojan.rules)
2027223 - ET TROJAN Observed Malicious SSL Cert (Unattributed CnC)
(trojan.rules)
2027224 - ET TROJAN Unattributed CnC Domain in DNS Lookup (xsecuremail
.com) (trojan.rules)
2027225 - ET TROJAN Unattributed CnC Domain in DNS Lookup (wipro365 .com)
(trojan.rules)
2027226 - ET TROJAN Unattributed CnC Domain in DNS Lookup
(microsoftonline-secure-login .com) (trojan.rules)
2027227 - ET TROJAN Unattributed CnC Domain in DNS Lookup (secure-message
.online) (trojan.rules)
2027228 - ET TROJAN Unattributed CnC Domain in DNS Lookup (encrypt-email
.online) (trojan.rules)
2027229 - ET TROJAN Unattributed CnC Domain in DNS Lookup (secured-mail
.online) (trojan.rules)
2027230 - ET TROJAN Unattributed CnC Domain in DNS Lookup
(internal-message .app) (trojan.rules)
2027231 - ET TROJAN Unattributed CnC Domain in DNS Lookup
(encrypted-message .cloud) (trojan.rules)
Pro:
2835937 - ETPRO MOBILE_MALWARE Trojan-Locker.AndroidOS.Sauron CnC Beacon
(mobile_malware.rules)
2835938 - ETPRO MOBILE_MALWARE Trojan-Locker.AndroidOS.Sauron CnC Beacon
2 (mobile_malware.rules)
2835939 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-18 1) (trojan.rules)
2835940 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-18 2) (trojan.rules)
2835941 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-04-18 3) (trojan.rules)
2835942 - ETPRO CURRENT_EVENTS Successful Outlook Phish 2019-04-18
(current_events.rules)
2835943 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-04-18 (current_events.rules)
2835944 - ETPRO CURRENT_EVENTS Successful Navy Federal Credit Union Phish
2019-04-18 (current_events.rules)
[///] Modified active rules: [///]
2822205 - ETPRO TROJAN Known Spam Domain DNS Lookup (trojan.rules)
2835900 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-04-16 (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20190418/6253fca8/attachment.html>
More information about the Emerging-sigs
mailing list