[Emerging-updates] Daily Ruleset Update Summary 2019/07/09

Jason Williams jwilliams at emergingthreats.net
Tue Jul 9 13:29:19 HDT 2019


[***]            Summary:            [***]

  2 new Open, 27 new Pro (2 + 25).  Smokeloader, Doney, Ursnif, Various
Phish.

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

[+++]          Added rules:          [+++]

 Open:

  2027694 - ET MALWARE Observed OSX/PremierOpinionD Collection Domain in
TLS SNI (malware.rules)
  2027695 - ET POLICY Observed Cloudflare DNS over HTTPS Domain
(cloudflare-dns .com in TLS SNI) (policy.rules)

 Pro:

  2837329 - ETPRO MOBILE_MALWARE AdWare.AndroidOS.Ewind.jg GPS/Device Info
Exfil (mobile_malware.rules)
  2837330 - ETPRO TROJAN Observed Ursnif CnC Domain in TLS SNI
(trojan.rules)
  2837331 - ETPRO TROJAN Win32/Unk.Doney CnC Checkin (trojan.rules)
  2837332 - ETPRO TROJAN Win32/Unk.Doney CnC Keep-Alive (trojan.rules)
  2837333 - ETPRO CURRENT_EVENTS Successful Godaddy Phish 2019-07-09
(current_events.rules)
  2837334 - ETPRO CURRENT_EVENTS Successful Zimbra Phish 2019-07-09
(current_events.rules)
  2837335 - ETPRO CURRENT_EVENTS Successful Banco do Brazil Phish
2019-07-09 (current_events.rules)
  2837336 - ETPRO CURRENT_EVENTS Successful Banco do Brazil Phish
2019-07-09 (current_events.rules)
  2837337 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-07-09
(current_events.rules)
  2837338 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-07-09
(current_events.rules)
  2837339 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-09 (current_events.rules)
  2837340 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-07-09 (current_events.rules)
  2837341 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-07-09
(current_events.rules)
  2837342 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-07-09 (current_events.rules)
  2837343 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-09 1) (trojan.rules)
  2837344 - ETPRO CURRENT_EVENTS Successful Banco Galicia Phish 2019-07-09
(current_events.rules)
  2837345 - ETPRO CURRENT_EVENTS Successful Generic Phish (set) 2019-07-09
(current_events.rules)
  2837346 - ETPRO CURRENT_EVENTS Successful SF Express Phish 2019-07-09
(current_events.rules)
  2837347 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2019-07-09
(current_events.rules)
  2837348 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-09
(current_events.rules)
  2837349 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-09
(current_events.rules)
  2837350 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-09 (current_events.rules)
  2837351 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-07-09
(current_events.rules)
  2837352 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-07-09
(current_events.rules)
  2837353 - ETPRO TROJAN Sharik/Smokeloader CnC Beacon 15 (trojan.rules)

[---]  Disabled and modified rules:  [---]

  2022868 - ET TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate
detected (Quakbot CnC) (trojan.rules)