[Emerging-updates] Daily Ruleset Update Summary 2018/11/21

Travis Green tgreen at emergingthreats.net
Wed Nov 21 12:39:01 HST 2018


[***]            Summary:            [***]

5 new Open, 12 new Pro (5 + 7). SC.Backdoor, SSHBRUTE.A Haiduc,
CVE-2018-15979, Various Mobile.

Thanks:  James Lay, Kevin Ross


[+++]          Added rules:          [+++]

Open:

 2026640 - ET TROJAN Kraken C2 Domain Observed (kraken656kn6wyyx in DNS Lookup) (trojan.rules)
 2026641 - ET TROJAN SC.Backdoor/TeleRAT Checkin (trojan.rules)
 2026642 - ET TROJAN HackTool.Linux.SSHBRUTE.A Haiduc Initial Compromise C2 POST (trojan.rules)
 2026643 - ET INFO Plaintext SSH Authentication Identified (Encryption set to None) (info.rules)
 2026644 - ET CURRENT_EVENTS Observed Malicious SSL Cert (BrushaLoader Domain) (current_events.rules)

Pro:

 2833603 - ETPRO MOBILE_MALWARE Android/Locker.PN Checkin (mobile_malware.rules)
 2833604 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Feiad.b Location Exfil (mobile_malware.rules)
 2833605 - ETPRO MOBILE_MALWARE Trojan-SMS.AndroidOS.Agent.uf Checkin (mobile_malware.rules)
 2833606 - ETPRO MOBILE_MALWARE Riskware.Android.Revmob.dyzsji Checkin (mobile_malware.rules)
 2833607 - ETPRO EXPLOIT PDF Containing Possible Acrobat Go-to Action Exploitation (CVE-2018-15979) (exploit.rules)
 2833608 - ETPRO CURRENT_EVENTS Steam Phish Landing 2018-11-21 (current_events.rules)
 2833609 - ETPRO TROJAN BR.Banker CnC Checkin (trojan.rules)


[///]     Modified active rules:     [///]

 2013186 - ET TROJAN Win32.Renos/Artro Trojan Checkin M1 (trojan.rules)
 2826931 - ETPRO TROJAN Idicaf CnC Beacon (trojan.rules)



-- 
PGP: 0xBED7B297

