[Emerging-updates] Daily Ruleset Update Summary 2019/07/05
James Emery-Callcott
jcallcott at emergingthreats.net
Fri Jul 5 12:10:02 HDT 2019
[***] Summary: [***]
0 new Open, 28 new Pro (0 + 28). Android/Spy.Banker.WO, PowerShell
Empire, Various SSL/TLS, Various Phish.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Pro:
2837276 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-05
(current_events.rules)
2837277 - ETPRO CURRENT_EVENTS Successful Match Phish 2019-07-05
(current_events.rules)
2837278 - ETPRO CURRENT_EVENTS Successful BCP Phish 2019-07-05
(current_events.rules)
2837279 - ETPRO CURRENT_EVENTS Successful Die Post Phish 2019-07-05
(current_events.rules)
2837280 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-07-05
(current_events.rules)
2837281 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-07-05 (current_events.rules)
2837282 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-07-05 (current_events.rules)
2837283 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-05 (current_events.rules)
2837284 - ETPRO CURRENT_EVENTS Successful Telekom / Tmobile Phish
2019-07-05 (current_events.rules)
2837285 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-05 1) (trojan.rules)
2837286 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-05 2) (trojan.rules)
2837287 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-05 3) (trojan.rules)
2837288 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-05 4) (trojan.rules)
2837289 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-05 5) (trojan.rules)
2837290 - ETPRO MOBILE_MALWARE Android/Spy.Banker.WO CnC Checkin
(mobile_malware.rules)
2837291 - ETPRO TROJAN Observed Malicious SSL Cert (Ostap CnC)
(trojan.rules)
2837292 - ETPRO TROJAN Unk Malicious CnC Domain in SNI (trojan.rules)
2837293 - ETPRO TROJAN Observed Malicious SSL Cert (Unk Malicious CnC)
(trojan.rules)
2837294 - ETPRO TROJAN Possible PowerShell Empire POST Request
(trojan.rules)
2837295 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
2837296 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
2837297 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC)
(trojan.rules)
---------------------------------------
James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20190705/a16f614a/attachment.html>
More information about the Emerging-updates
mailing list