[Emerging-updates] Daily Ruleset Update Summary 2017/03/01

Francis Trudeau ftrudeau at emergingthreats.net
Wed Mar 1 16:49:14 EST 2017


 [***] Summary: [***]

 1 new Open signature, 26 new Pro (1 + 25).  Carbanak, Various Phishing.

 [+++]          Added rules:          [+++]

 Open:

  2024029 - ET INFO Suspicious VNC Remote Admin Request (info.rules)

 Pro:

  2815247 - ETPRO CURRENT_EVENTS Successful Excel Online Phish Dec 8
(current_events.rules)
  2825163 - ETPRO CURRENT_EVENTS Successful Generic Phish (Redirect to
Download PDF) Feb 28 2017 (current_events.rules)
  2825164 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Dowgin.d CnC Beacon 2
(mobile_malware.rules)
  2825165 - ETPRO MOBILE_MALWARE PUA Android/KyView.E Checkin
(mobile_malware.rules)
  2825166 - ETPRO CURRENT_EVENTS Docusign Phishing Landing Mar 1 2017
(current_events.rules)
  2825167 - ETPRO CURRENT_EVENTS Successful DHL Phish Mar 1 2017
(current_events.rules)
  2825168 - ETPRO CURRENT_EVENTS Successful OWA Phish Mar 1 2017
(current_events.rules)
  2825169 - ETPRO CURRENT_EVENTS Successful Fidelity Phish Mar 1 2017
(current_events.rules)
  2825170 - ETPRO MOBILE_MALWARE Android/DocaP.B Checkin
(mobile_malware.rules)
  2825171 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A CnC Beacon
(mobile_malware.rules)
  2825172 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A CnC Beacon 2
(mobile_malware.rules)
  2825173 - ETPRO MOBILE_MALWARE Android.Trojan.Rootnik.FH Checkin
(mobile_malware.rules)
  2825174 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Feb 28 2017
(current_events.rules)
  2825175 - ETPRO CURRENT_EVENTS Successful DHL Phish Feb 28 2017
(current_events.rules)
  2825176 - ETPRO CURRENT_EVENTS Successful Generic Email Account Update
Phish Feb 28 2017 (current_events.rules)
  2825177 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 1 M1
(trojan.rules)
  2825178 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 1 M2
(trojan.rules)
  2825179 - ETPRO TROJAN Carbanak PowerShell DNS TXT CnC Beacon 2
(trojan.rules)
  2825180 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Iop.d CnC Beacon
(mobile_malware.rules)
  2825181 - ETPRO MALWARE Win32/FlyStudio Ad Update (malware.rules)
  2825182 - ETPRO CURRENT_EVENTS Successful Bradesco Bank Phish Mar 01 2017
(current_events.rules)
  2825183 - ETPRO CURRENT_EVENTS Successful Natwest Bank Phish M1 Mar 01
2017 (current_events.rules)
  2825184 - ETPRO CURRENT_EVENTS Successful Natwest Bank Phish M2 Mar 01
2017 (current_events.rules)
  2825185 - ETPRO CURRENT_EVENTS Successful My ADP Phish Mar 01 2017
(current_events.rules)
  2825186 - ETPRO CURRENT_EVENTS Successful Singtel Phish Mar 01 2017
(current_events.rules)


 [///]     Modified active rules:     [///]

  2007994 - ET MALWARE Suspicious User-Agent (1 space) (malware.rules)
  2011341 - ET TROJAN Suspicious POST With Reference to WINDOWS Folder
Possible Malware Infection (trojan.rules)
  2807017 - ETPRO TROJAN  Backdoor.Win32.GF.13x.A Checkin (trojan.rules)
  2809560 - ETPRO MOBILE_MALWARE Android.Adware.NoiconAds.A Checkin 2
(mobile_malware.rules)
  2815310 - ETPRO CURRENT_EVENTS  Successful Dropbox Phish Dec 10 M1
(current_events.rules)
  2822498 - ETPRO CURRENT_EVENTS Successful Chase Phish Oct 07 2016
(current_events.rules)


 [---]         Removed rules:         [---]

  2821586 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Inoco.f Checkin
(mobile_malware.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20170301/0eb735e0/attachment.html>


More information about the Emerging-updates mailing list