[Emerging-updates] Daily Ruleset Update Summary 2017/07/07

Travis Green tgreen at emergingthreats.net
Fri Jul 7 18:31:48 EDT 2017


[***]            Summary:            [***]

6 new Open, 28 new Pro (6 + 22). Possible CVE-2017-0199, Various Phishing,
Various Mobile.


[+++]          Added rules:          [+++]

Open:

  2024444 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M2 Jul 07 2017 (current_events.rules)
  2024445 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M1 Jul 07 2017 (current_events.rules)
  2024446 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M3 Jul 07 2017 (current_events.rules)
  2024447 - ET CURRENT_EVENTS Apple Tech Support Phone Scam Jul 07 2017 (current_events.rules)
  2024448 - ET CURRENT_EVENTS Microsoft Tech Support Phone Scam M4 Jul 07 2017 (current_events.rules)
  2024449 - ET CURRENT_EVENTS SUSPICIOUS Possible CVE-2017-0199 IE7/NoCookie/Referer HTA dl (current_events.rules)

Pro:

  2827036 - ETPRO TROJAN Unknown Powershell CnC Heartbeat (trojan.rules)
  2827037 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 1) (trojan.rules)
  2827038 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 2) (trojan.rules)
  2827039 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 3) (trojan.rules)
  2827040 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 4) (trojan.rules)
  2827041 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 5) (trojan.rules)
  2827042 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 6) (trojan.rules)
  2827043 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 7) (trojan.rules)
  2827044 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2017-07-06 8) (trojan.rules)
  2827045 - ETPRO TROJAN Bitcoin Miner Known Malicious Basic Auth (VGhhbmUuMjpvcGVyYXRpb24xMQ==) (trojan.rules)
  2827046 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.a Checkin 170 (mobile_malware.rules)
  2827047 - ETPRO MOBILE_MALWARE Android/Spy.Agent.ADB CnC Beacon (mobile_malware.rules)
  2827048 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M1 Jul 07 2017 (current_events.rules)
  2827049 - ETPRO CURRENT_EVENTS Successful Bank of America Phish M2 Jul 07 2017 (current_events.rules)
  2827050 - ETPRO CURRENT_EVENTS Successful Outlook Phish Jul 07 2017 (current_events.rules)
  2827051 - ETPRO CURRENT_EVENTS Successful DHL Phish Jul 07 2017 (current_events.rules)
  2827053 - ETPRO CURRENT_EVENTS Successful Expedia Partner Central Phish Jul 07 2017 (current_events.rules)
  2827054 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.san SMS Exfil via SMTP (mobile_malware.rules)
  2827055 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.san Reporting via SMTP (mobile_malware.rules)
  2827056 - ETPRO CURRENT_EVENTS Successful Linkedin Phish Jul 07 2017 (current_events.rules)
  2827057 - ETPRO CURRENT_EVENTS Successful Google Drive Shared Document Phish Jul 07 2017 (current_events.rules)
  2827058 - ETPRO CURRENT_EVENTS Successful Email Shutdown Phish Jul 07 2017 (current_events.rules)


[///]     Modified active rules:     [///]

  2824348 - ETPRO CURRENT_EVENTS Successful Bank of America Phish Jan 10 2017 (current_events.rules)
  2826431 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ay SMS Exfil 3 (mobile_malware.rules)
  2827008 - ETPRO TROJAN MSIL/TeleBot.Backdoor Beacon To CnC (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>