[Emerging-updates] Daily Ruleset Update Summary 2019/12/05

James Emery-Callcott jcallcott at emergingthreats.net
Thu Dec 5 14:28:57 HST 2019


[***]            Summary:            [***]

  1 new Open, 18 new Pro (1 + 17).  MedusaHTTP, APT32, Various Android,
Various Phish.

  Thanks @james_inthe_box and @malwrhunterteam.

  Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2029097 - ET TROJAN MedusaHTTP Variant CnC Checkin M2 (trojan.rules)

Pro:

  2839751 - ETPRO MOBILE_MALWARE AndroidOS/SMForw.AA Contacts Exfil
(mobile_malware.rules)
  2839752 - ETPRO MOBILE_MALWARE Android/Clicker.b1eb9847 CnC Beacon
(mobile_malware.rules)
  2839753 - ETPRO MOBILE_MALWARE AndroidOS/Trojan.RLGK-5 Reporting Device
Info (mobile_malware.rules)
  2839754 - ETPRO MOBILE_MALWARE Android/TrojanDropper.Agent.WS Checkin
(mobile_malware.rules)
  2839755 - ETPRO TROJAN Unk.Downloader User-Agent (trojan.rules)
  2839756 - ETPRO TROJAN SSL/TLS Certificate Observed (APT32) (trojan.rules)
  2839757 - ETPRO CURRENT_EVENTS Successful Shaw Webmail Phish 2019-12-05
(current_events.rules)
  2839758 - ETPRO CURRENT_EVENTS Successful Citibank Phish 2019-12-05
(current_events.rules)
  2839759 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-12-05
(current_events.rules)
  2839760 - ETPRO CURRENT_EVENTS Successful American Express Phish
2019-12-05 (current_events.rules)
  2839761 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-12-05
(current_events.rules)
  2839762 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-12-05
(current_events.rules)
  2839763 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-12-05
(current_events.rules)
  2839764 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-12-05 (current_events.rules)
  2839765 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-12-05 (current_events.rules)
  2839766 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-12-05
(current_events.rules)
  2839767 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-12-05 (current_events.rules)

---------------------------------------

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20191206/d106b8fa/attachment.html>


More information about the Emerging-updates mailing list