[Emerging-updates] Daily Ruleset Update Summary 2017/12/29

Travis Green tgreen at emergingthreats.net
Fri Dec 29 11:00:23 HST 2017


[***]            Summary:            [***]

1 new Open, 13 new Pro (1 + 12). FireBlaze, MSIL/Tiny.R, Win32/Crimson
Variant, Various Phishing.


[+++]          Added rules:          [+++]

Open:

 2025177 - ET TROJAN Zeus Panda CnC Domain (in DNS Lookup) (trojan.rules)

Pro:

 2829106 - ETPRO CURRENT_EVENTS Observed FireBlaze Keylogger Downloader
Domain (fireblazes .000webhostapp .com in TLS SNI) (current_events.rules)
 2829107 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2017-12-29
(current_events.rules)
 2829108 - ETPRO TROJAN MSIL/Tiny.R CnC Checkin (Infoback) (trojan.rules)
 2829109 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL)
(current_events.rules)
 2829110 - ETPRO TROJAN Win32/Crimson Variant CnC Checkin (trojan.rules)
 2829111 - ETPRO CURRENT_EVENTS Successful Generic Webmail Phish 2017-12-29
(current_events.rules)
 2829112 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 1) (trojan.rules)
 2829113 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 2) (trojan.rules)
 2829114 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 3) (trojan.rules)
 2829115 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 4) (trojan.rules)
 2829116 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 5) (trojan.rules)
 2829117 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2017-12-29 6) (trojan.rules)


[///]     Modified active rules:     [///]

 2814624 - ETPRO TROJAN XtremeRAT CnC Beacon 1 (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20171229/a2d19aab/attachment.html>


More information about the Emerging-updates mailing list