[Emerging-updates] Daily Ruleset Update Summary 2017/03/30

Travis Green tgreen at emergingthreats.net
Thu Mar 30 18:01:03 EDT 2017


[***]            Summary:            [***]

3 new Open, 19 new Pro (3 + 16). Various Phishing, Various Android

Thanks: Kevin Ross, pckthck


[+++]          Added rules:          [+++]

Open:

 2024120 - ET TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules)
 2024121 - ET EXPLOIT NETGEAR WNR2000v5 hidden_lang_avi Stack Overflow
(CVE-2016-10174) (exploit.rules)
 2024122 - ET CURRENT_EVENTS MalDoc Retrieving Payload March 30 2017
(current_events.rules)

Pro:

 2825676 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Hqwar DNS Lookup
(mobile_malware.rules)
 2825677 - ETPRO MALWARE Win32/Adware.Ymeta.A CnC Beacon (malware.rules)
 2825678 - ETPRO MOBILE_MALWARE PUP Android/Agent-AZS Checkin
(mobile_malware.rules)
 2825679 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.k CnC Beacon
(mobile_malware.rules)
 2825680 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert
(trojan.rules)
 2825681 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert
(trojan.rules)
 2825682 - ETPRO TROJAN Observed Malicious JS Downloader SSL Cert
(trojan.rules)
 2825683 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw.gd SMS Exfil
via SMTP (mobile_malware.rules)
 2825684 - ETPRO CURRENT_EVENTS Successful Claro Phish Mar 30 2017
(current_events.rules)
 2825685 - ETPRO CURRENT_EVENTS Successful Google Drive Phish Mar 30 2017
(current_events.rules)
 2825686 - ETPRO CURRENT_EVENTS Successful Made in China Phish Mar 30 2017
(current_events.rules)
 2825687 - ETPRO CURRENT_EVENTS Successful iCloud Phish Mar 30 2017
(current_events.rules)
 2825688 - ETPRO CURRENT_EVENTS Successful Outlook Web Access Phish Mar 30
2017 (current_events.rules)
 2825689 - ETPRO CURRENT_EVENTS Successful USBank Phish Mar 30 2017
(current_events.rules)
 2825690 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish Mar 30
2017 (current_events.rules)
 2825691 - ETPRO CURRENT_EVENTS Successful Navy Federal Phish Mar 30 2017
(current_events.rules)


[///]     Modified active rules:     [///]

 2806829 - ETPRO MOBILE_MALWARE Trojan-Downloader.AndroidOS.Fav.a Checkin
(mobile_malware.rules)


[---]         Removed rules:         [---]

 2825125 - ETPRO TROJAN MSIL/Matrix Ransomware CnC Activity (trojan.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20170330/5c3e8062/attachment.html>


More information about the Emerging-updates mailing list