[Emerging-updates] Daily Ruleset Update Summary 2018/07/20

Travis Green tgreen at emergingthreats.net
Fri Jul 20 11:40:02 HDT 2018


[***]            Summary:            [***]

10 new Open, 30 new Pro (10 + 20). Win32/Phorpiex, Backdoor.Ranky,
PoisonFang Ransomware, Various Phish, Mobile.


[+++]          Added rules:          [+++]

Open:

 2025870 - ET CURRENT_EVENTS Badoo Phishing Landing 2018-07-19
(current_events.rules)
 2025871 - ET CURRENT_EVENTS GitLab Phishing Landing 2018-07-19
(current_events.rules)
 2025872 - ET CURRENT_EVENTS Fake 404 With Hidden Login Form
(current_events.rules)
 2025873 - ET CURRENT_EVENTS Github Phishing Landing 2018-07-19
(current_events.rules)
 2025874 - ET CURRENT_EVENTS Twitter Phishing Landing 2018-07-19
(current_events.rules)
 2025875 - ET CURRENT_EVENTS Netflix Phishing Landing 2017-07-20
(current_events.rules)
 2025876 - ET CURRENT_EVENTS LinkedIn Phishing Landing 2017-07-20
(current_events.rules)
 2025877 - ET WEB_SPECIFIC_APPS XML External Entity Information Disclosure
(web_specific_apps.rules)
 2025878 - ET WEB_SPECIFIC_APPS XML External Entity Remote Code Execution
(web_specific_apps.rules)
 2025879 - ET ATTACK_RESPONSE passwd file Outbound from WEB SERVER Linux
(attack_response.rules)

Pro:

 2831905 - ETPRO MOBILE_MALWARE Android/Styricka.C CnC Responding with
Config (mobile_malware.rules)
 2831906 - ETPRO TROJAN Win32/Phorpiex Crypto Stealer Module EXE Inbound
(trojan.rules)
 2831907 - ETPRO TROJAN Win32.Frauder.ahk Checkin M2 (trojan.rules)
 2831908 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL
2018-07-20) (current_events.rules)
 2831909 - ETPRO TROJAN Win32.Backdoor.Ranky/Prophet Checkin M1
(trojan.rules)
 2831910 - ETPRO TROJAN Magic HTTP CnC Checkin (trojan.rules)
 2831911 - ETPRO TROJAN Win32.Backdoor.Ranky/Prophet Checkin M2
(trojan.rules)
 2831912 - ETPRO TROJAN PoisonFang Ransomware CnC Checkin/Keep-Alive
(trojan.rules)
 2831913 - ETPRO TROJAN PoisonFang Ransomware CnC Key Exchange
(trojan.rules)
 2831914 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-20 1) (trojan.rules)
 2831915 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-20 2) (trojan.rules)
 2831916 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-20 3) (trojan.rules)
 2831917 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20
(current_events.rules)
 2831918 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20
(current_events.rules)
 2831919 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2018-07-20
(current_events.rules)
 2831920 - ETPRO CURRENT_EVENTS Successful Apple Phish 2018-07-20
(current_events.rules)
 2831921 - ETPRO CURRENT_EVENTS Successful OneDrive/Office 365 Phish
2018-07-20 (current_events.rules)
 2831922 - ETPRO CURRENT_EVENTS Successful Dropbox Phish 2018-07-20
(current_events.rules)
 2831923 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2018-07-20
(current_events.rules)
 2831924 - ETPRO CURRENT_EVENTS Successful Randomized Paypal Phish
2018-07-20 (current_events.rules)


[///]     Modified active rules:     [///]

 2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016
(current_events.rules)


[---]         Removed rules:         [---]

 2831882 - ETPRO CURRENT_EVENTS Badoo Phishing Landing 2018-07-19
(current_events.rules)
 2831883 - ETPRO CURRENT_EVENTS GitLab Phishing Landing 2018-07-19
(current_events.rules)
 2831884 - ETPRO CURRENT_EVENTS Fake 404 With Hidden Login Form
(current_events.rules)
 2831885 - ETPRO CURRENT_EVENTS Github Phishing Landing 2018-07-19
(current_events.rules)
 2831886 - ETPRO CURRENT_EVENTS Twitter Phishing Landing 2018-07-19
(current_events.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20180720/bcfb7b15/attachment.html>


More information about the Emerging-updates mailing list