[Emerging-updates] Daily Ruleset Update Summary 2018/07/27

Travis Green tgreen at emergingthreats.net
Fri Jul 27 13:21:48 HDT 2018


[***]            Summary:            [***]

5 new Open, 22 new Pro (5 + 17). Underminer EK, Micropsia SSL, Various
Mobile, Phishing.


[+++]          Added rules:          [+++]

Open:

 2025914 - ET CURRENT_EVENTS Underminer EK Flash Exploit
(current_events.rules)
 2025915 - ET CURRENT_EVENTS Underminer EK Flash Check
(current_events.rules)
 2025916 - ET CURRENT_EVENTS Possible Underminer EK Landing
(current_events.rules)
 2025917 - ET WEB_SPECIFIC_APPS Modx Revolution < 2.6.4 phpthumb.php RCE
Attempt (web_specific_apps.rules)
 2025918 - ET TROJAN Observed Malicious SSL Cert (Micropsia CnC Domain)
(trojan.rules)

Pro:

 2831976 - ETPRO MOBILE_MALWARE Android/Styricka.C Receiving Config from
CnC (mobile_malware.rules)
 2831977 - ETPRO MOBILE_MALWARE Android/Shedun Variant CnC Checkin with
Fake Lowercase Headers (mobile_malware.rules)
 2831978 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Agent.dn DNS Lookup
(mobile_malware.rules)
 2831979 - ETPRO TROJAN Win32.Fsysna.czsf Checkin (trojan.rules)
 2831980 - ETPRO TROJAN Win32.RoatPkz Checkin (trojan.rules)
 2831981 - ETPRO CURRENT_EVENTS Successful Spotify Phish 2018-07-27
(current_events.rules)
 2831982 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2017-07-27
(current_events.rules)
 2831983 - ETPRO CURRENT_EVENTS Successful Generic Personalized Phish
2018-07-27 (current_events.rules)
 2831984 - ETPRO POLICY TriLock AntiTheft Checkin (policy.rules)
 2831985 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-27 1) (trojan.rules)
 2831986 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-27 2) (trojan.rules)
 2831987 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-27 3) (trojan.rules)
 2831988 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-27 4) (trojan.rules)
 2831989 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2018-07-27 5) (trojan.rules)
 2831990 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2017-07-27
(current_events.rules)
 2831991 - ETPRO CURRENT_EVENTS Successful Generic Phish - Redirect to
Voicemail 2017-07-27 (current_events.rules)
 2831992 - ETPRO MOBILE_MALWARE Android/Shedun Variant CnC Checkin with
Fake Lowercase Headers 2 (mobile_malware.rules)


[///]     Modified active rules:     [///]

 2823937 - ETPRO CURRENT_EVENTS Successful Generic Phish (302) Dec 16 2016
(current_events.rules)


-- 
PGP: 0xBED7B297
<https://pgp.mit.edu/pks/lookup?op=get&search=0x6B68453CBED7B297>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20180727/71322506/attachment.html>


More information about the Emerging-updates mailing list