[Emerging-updates] Daily Ruleset Update Summary 2017/02/24

Francis Trudeau ftrudeau at emergingthreats.net
Fri Feb 24 17:52:01 EST 2017


 [***] Summary: [***]

 13 new Open signatures, 23 new Pro (11 + 10).  (?:Matrix|Cerber)
Ransomware, Various Phishing.

 Thanks:  @illegalFawn and @rmkml.

 [+++]          Added rules:          [+++]

 Open:

  2024007 - ET CURRENT_EVENTS Suspicious JS Refresh - Possible Phishing
Redirect Feb 24 2017 (current_events.rules)
  2024008 - ET CURRENT_EVENTS Possible Phishing Redirect Feb 24 2017
(current_events.rules)
  2024009 - ET CURRENT_EVENTS Successful Craigslist (RO) Phish M1 Feb 24
2017 (current_events.rules)
  2024010 - ET CURRENT_EVENTS Successful Craigslist (RO) Phish M2 Feb 24
2017 (current_events.rules)
  2024011 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M1 Feb 24
2017 (current_events.rules)
  2024012 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M2 Feb 24
2017 (current_events.rules)
  2024013 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M3 Feb 24
2017 (current_events.rules)
  2024014 - ET CURRENT_EVENTS Successful RBC Royal Bank Phish M4 Feb 24
2017 (current_events.rules)
  2024015 - ET CURRENT_EVENTS Successful Orderlink (IN) Phish Feb 24 2017
(current_events.rules)
  2024016 - ET CURRENT_EVENTS Paypal Phishing Redirect M1 Feb 24 2017
(current_events.rules)
  2024017 - ET CURRENT_EVENTS Paypal Phishing Redirect M2 Feb 24 2017
(current_events.rules)
  2024018 - ET CURRENT_EVENTS Common Paypal Phishing URI Feb 24 2017
(current_events.rules)
  2024019 - ET CURRENT_EVENTS Paypal Phishing Landing Feb 24 2017
(current_events.rules)

 Pro:

  2825118 - ETPRO CURRENT_EVENTS Possible Apple Phishing Landing Feb 24
2017 (current_events.rules)
  2825119 - ETPRO CURRENT_EVENTS Successful Apple Phish Feb 24 2017
(current_events.rules)
  2825120 - ETPRO POLICY DNS Query to .onion proxy Domain (onion. casa)
(policy.rules)
  2825121 - ETPRO TROJAN Malicious JScript SSL Certificate Detected
(trojan.rules)
  2825122 - ETPRO CURRENT_EVENTS Possible Successful Apple Phish Feb 24
2017 (current_events.rules)
  2825123 - ETPRO CURRENT_EVENTS Suspicious Cookie Observed in Apple
Phishing Feb 24 2017 (current_events.rules)
  2825125 - ETPRO TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules)
  2825126 - ETPRO TROJAN Banker.Win32.ChePro.myry CnC Beacon (trojan.rules)
  2825127 - ETPRO TROJAN Ransomware/Cerber Onion Domain Lookup
(trojan.rules)
  2825128 - ETPRO POLICY SSL Cert Free File Hosting Site (spring-files .
com) (policy.rules)


 [///]     Modified active rules:     [///]

  2814079 - ETPRO TROJAN Corebot Checkin 2 (trojan.rules)
  2825027 - ETPRO CURRENT_EVENTS Possible SunDown EK Landing URI Struct T2
Feb 17 2017 (current_events.rules)


 [---]  Disabled and modified rules:  [---]

  2816898 - ETPRO TROJAN Maldoc Downloader SSL Cert Apr 04 (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20170224/e711bbfa/attachment.html>


More information about the Emerging-updates mailing list