[Emerging-updates] Daily Ruleset Update Summary 2019/12/06

Brandon Murphy bmurphy at emergingthreats.net
Fri Dec 6 14:16:45 HST 2019


[***]            Summary:            [***]

  2 new Open,  20 new Pro (2 + 18).  Ursnif, AZORult, IcedID TLS Certs,
Remcos, Various CoinMiner, Various Phish.

  Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

Open:

  2029098 - ET MALWARE PrivaZer Checkin (malware.rules)
  2029099 - ET MALWARE Win32/GameHack.COG Variant CnC Activity
(malware.rules)

Pro:

  2839768 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-12-05 1) (trojan.rules)
  2839769 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-12-05 2) (trojan.rules)
  2839770 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-12-05 3) (trojan.rules)
  2839771 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-12-05 4) (trojan.rules)
  2839772 - ETPRO CURRENT_EVENTS Successful Paypal Manager Phish 2019-12-06
(current_events.rules)
  2839773 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-12-06
(current_events.rules)
  2839774 - ETPRO CURRENT_EVENTS Successful AOL Phish 2019-12-06
(current_events.rules)
  2839775 - ETPRO CURRENT_EVENTS Successful BNP Paribas Phish 2019-12-06
(current_events.rules)
  2839776 - ETPRO CURRENT_EVENTS Successful Generic Email Account Update
Phish 2019-12-06 (current_events.rules)
  2839777 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-12-06 (current_events.rules)
  2839778 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-12-06
(current_events.rules)
  2839779 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
  2839780 - ETPRO TROJAN Win32/Unknown CnC Checkin (trojan.rules)
  2839781 - ETPRO TROJAN Win32/TrojanDownloader.Zlob CnC Activity
(trojan.rules)
  2839782 - ETPRO TROJAN Win32/Remcos RAT Checkin 273 (trojan.rules)
  2839783 - ETPRO TROJAN Win32/Remcos RAT Checkin 274 (trojan.rules)
  2839784 - ETPRO TROJAN Observed Malicious SSL Cert (AZORult CnC)
2019-12-05 (trojan.rules)
  2839785 - ETPRO TROJAN Observed Malicious SSL Cert (IcedID CnC)
2019-12-06 (trojan.rules)


[///]     Modified active rules:     [///]

  2811175 - ETPRO TROJAN Luminosity Link RAT CnC Beacon Inbound
(trojan.rules)
  2839153 - ETPRO POLICY Suspicious Double Accept HTTP Header Value
(policy.rules)
  2839683 - ETPRO POLICY Inbound PowerShell Querying Processor Arch
(policy.rules)