[Emerging-Sigs] Daily Ruleset Update Summary 2019/11/01

Jason Williams jwilliams at emergingthreats.net
Fri Nov 1 14:12:04 HDT 2019


[***]            Summary:            [***]

  1 new Open, 20 new Pro (1 + 19).  Various Coinminers, VARIOUS Phish.

  We have a blog up now outlining the new Suricata 5.0 ruleset information
as well information regarding our upcoming plans to EOL rule support for
Suricata 2.0/3.0 Rulesets.

  Suricata 5.0 Support blog:
https://www.proofpoint.com/us/corporate-blog/post/emerging-threats-announcing-support-suricata-50
  Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

 Open:

  2028932 - ET TROJAN Win32/CryptInject.BE!MTB Stealer CnC Checkin
(trojan.rules)

 Pro:

  2839159 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-10-29 1) (trojan.rules)
  2839160 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-10-29 2) (trojan.rules)
  2839161 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-11-01
(current_events.rules)
  2839162 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-11-01
(current_events.rules)
  2839163 - ETPRO CURRENT_EVENTS Successful Apartments.com Phish 2019-11-01
(current_events.rules)
  2839164 - ETPRO CURRENT_EVENTS Successful ANA Airlines Phish 2019-11-01
(current_events.rules)
  2839165 - ETPRO CURRENT_EVENTS Successful Ziggo Phish 2019-11-01
(current_events.rules)
  2839166 - ETPRO CURRENT_EVENTS Successful USAA Phish 2019-11-01
(current_events.rules)
  2839167 - ETPRO CURRENT_EVENTS Successful EC21 Phish 2019-11-01
(current_events.rules)
  2839168 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-11-01
(current_events.rules)
  2839169 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-11-01
(current_events.rules)
  2839170 - ETPRO CURRENT_EVENTS Successful Generic Management Service
Phish 2019-11-01 (current_events.rules)
  2839171 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-11-01 (current_events.rules)
  2839172 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 1) (trojan.rules)
  2839173 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 2) (trojan.rules)
  2839174 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 3) (trojan.rules)
  2839175 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 4) (trojan.rules)
  2839176 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 5) (trojan.rules)
  2839177 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-01 6) (trojan.rules)

 [---]         Removed rules:         [---]

  2838484 - ETPRO TROJAN Win32/CryptInject.BE!MTB Stealer CnC Checkin
(trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20191101/8074982a/attachment.html>


More information about the Emerging-sigs mailing list