[Emerging-Sigs] Daily Ruleset Update Summary 2019/08/29

James Emery-Callcott jcallcott at emergingthreats.net
Thu Aug 29 13:02:17 HDT 2019


[***]            Summary:            [***]

  0 new Open, 21 new Pro.  AndroidOS.FakeApp, FIN6, Various Phish, Various
SSL/TLS.

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Pro:

  2838220 - ETPRO MOBILE_MALWARE Android/Hiddad.XS Checkin
(mobile_malware.rules)
  2838221 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.FakeApp Contact Exfil
(mobile_malware.rules)
  2838222 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-08-29
(current_events.rules)
  2838223 - ETPRO CURRENT_EVENTS Successful Microsoft Office Phish
2019-08-29 (current_events.rules)
  2838224 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-08-29
(current_events.rules)
  2838225 - ETPRO CURRENT_EVENTS Successful Tinder Verification Phish
2019-08-29 (current_events.rules)
  2838226 - ETPRO CURRENT_EVENTS Successful 1&1 Phish 2019-08-29
(current_events.rules)
  2838227 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-08-29 (current_events.rules)
  2838228 - ETPRO CURRENT_EVENTS Successful Suntrust Phish 2019-08-29
(current_events.rules)
  2838229 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-08-29 (current_events.rules)
  2838230 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-08-29
(current_events.rules)
  2838231 - ETPRO CURRENT_EVENTS Successful Citibank Phish 2019-08-29
(current_events.rules)
  2838232 - ETPRO CURRENT_EVENTS Successful Simplii Phish 2019-08-29
(current_events.rules)
  2838233 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-08-29 (current_events.rules)
  2838234 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-08-29 (current_events.rules)
  2838235 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2019-08-29
(current_events.rules)
  2838236 - ETPRO CURRENT_EVENTS Successful Sparkasse Phish 2019-08-29
(current_events.rules)
  2838237 - ETPRO TROJAN Observed Malicious SSL Cert (More_Eggs CnC)
(trojan.rules)
  2838238 - ETPRO POLICY External IP Lookup (api .rest7 .com) (policy.rules)
  2838239 - ETPRO TROJAN Observed Malicious SSL Cert
(MSIL/TrojanDownloader.Agent.FNL) M2 (trojan.rules)
  2838240 - ETPRO TROJAN Observed Malicious SSL Cert
(MSIL/TrojanDownloader.Agent.FNL) M1 (trojan.rules)

---------------------------------------

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20190829/9eb6552e/attachment.html>


More information about the Emerging-sigs mailing list