[Emerging-updates] Daily Ruleset Update Summary 2019/07/08

Jason Williams jwilliams at emergingthreats.net
Mon Jul 8 13:22:13 HDT 2019


[***]            Summary:            [***]

  5 new Open, 30 new Pro (5 + 25).  Inter Skimmer, Smokeloader, Coinminers,
Various Phish.

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

 Open:

  2027689 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
  2027690 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
  2027691 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
  2027692 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)
  2027693 - ET TROJAN Inter Skimmer CnC Domain in DNS Lookup (trojan.rules)

 Pro:

  2837304 - ETPRO MOBILE_MALWARE Android/Spy.Agent.JW Checkin (mobile_malware.rules)
  2837305 - ETPRO TROJAN DNS Query to Smokeloader Style Dynamic CnC Domains M1 (trojan.rules)
  2837306 - ETPRO TROJAN DNS Query to Smokeloader Style Dynamic CnC Domains M2 (trojan.rules)
  2837307 - ETPRO TROJAN Observed SmokeLoader Style Connectivity Check M2 (trojan.rules)
  2837308 - ETPRO CURRENT_EVENTS Successful Outlook Web App Phish 2019-07-08 (current_events.rules)
  2837309 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-08 (current_events.rules)
  2837310 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-08 (current_events.rules)
  2837311 - ETPRO CURRENT_EVENTS Successful Poste Italiane Phish 2019-07-08 (current_events.rules)
  2837312 - ETPRO CURRENT_EVENTS Successful BNP Paribas Phish 2019-07-08 (current_events.rules)
  2837313 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-08 (current_events.rules)
  2837314 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-07-08 (current_events.rules)
  2837315 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-07-08 (current_events.rules)
  2837316 - ETPRO CURRENT_EVENTS Successful Paypal  Phish 2019-07-08 (current_events.rules)
  2837317 - ETPRO CURRENT_EVENTS Successful Credit du Nord  Phish 2019-07-08 (current_events.rules)
  2837318 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-07-08 (current_events.rules)
  2837319 - ETPRO CURRENT_EVENTS Successful RBS Phish 2019-07-08 (current_events.rules)
  2837320 - ETPRO CURRENT_EVENTS Successful Adobe Document Cloud Phish 2019-07-08 (current_events.rules)
  2837321 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-07-08 (current_events.rules)
  2837322 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 1) (trojan.rules)
  2837323 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 2) (trojan.rules)
  2837324 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 3) (trojan.rules)
  2837325 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 4) (trojan.rules)
  2837326 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-08 5) (trojan.rules)
  2837327 - ETPRO TROJAN Win32/Spy.Agent.PRX Variant ZIP Upload (trojan.rules)
  2837328 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-08 (current_events.rules)

[///]     Modified active rules:     [///]

  2832759 - ETPRO CURRENT_EVENTS MalDoc Requesting Ursnif Payload 2018-09-24 (current_events.rules)