[Emerging-updates] Daily Ruleset Update Summary 2019/07/12

[Jason Williams]

[***]            Summary:            [***]

  1 new Open, 22 new Pro (1 + 21).  0rt5t30h, InfectionAds, Cobint CnC,
Various Phish.

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Open:

  2027706 - ET WEB_SPECIFIC_APPS Appointment Hour Booking - WordPress
Plugin - Stored XSS (CVE-2019-13505) (web_specific_apps.rules)

 Pro:

  2837475 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.InfectionAds Checkin
(mobile_malware.rules)
  2837476 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.InfectionAds Checkin 2
(mobile_malware.rules)
  2837477 - ETPRO CURRENT_EVENTS Abused CertUtil to URL Shortener
(current_events.rules)
  2837478 - ETPRO TROJAN Observed Malicious SSL Cert (Cobint CnC)
(trojan.rules)
  2837479 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-12 1) (trojan.rules)
  2837480 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-12 2) (trojan.rules)
  2837481 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-12 3) (trojan.rules)
  2837482 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-12 4) (trojan.rules)
  2837483 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-07-12 (current_events.rules)
  2837484 - ETPRO CURRENT_EVENTS Successful Capital One Phish 2019-07-12
(current_events.rules)
  2837485 - ETPRO CURRENT_EVENTS Successful Capital One Phish 2019-07-12
(current_events.rules)
  2837486 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-12
(current_events.rules)
  2837487 - ETPRO CURRENT_EVENTS Successful Redstone Federal Credit Union
Phish 2019-07-12 (current_events.rules)
  2837488 - ETPRO CURRENT_EVENTS Successful ICS Phish 2019-07-12
(current_events.rules)
  2837489 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-12 (current_events.rules)
  2837490 - ETPRO CURRENT_EVENTS Successful Box Phish 2019-07-12
(current_events.rules)
  2837491 - ETPRO CURRENT_EVENTS Successful AT&T Messages Phish 2019-07-12
(current_events.rules)
  2837492 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-07-12
(current_events.rules)
  2837493 - ETPRO TROJAN 0rt5t30h Go Backdoor CnC Activity (trojan.rules)
  2837494 - ETPRO CURRENT_EVENTS Evil Keitaro Set-Cookie Inbound (ceba1)
(current_events.rules)
  2837495 - ETPRO CURRENT_EVENTS Evil Keitaro Set-Cookie Inbound (9b8fa)
(current_events.rules)

 [///]     Modified active rules:     [///]

  2013031 - ET POLICY Python-urllib/ Suspicious User Agent (policy.rules)
  2027695 - ET POLICY Observed Cloudflare DNS over HTTPS Domain
(cloudflare-dns .com in TLS SNI) (policy.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20190712/7bfeef67/attachment.html>