[Emerging-updates] Daily Ruleset Update Summary 2019/07/15
Brandon Murphy
bmurphy at emergingthreats.net
Mon Jul 15 14:07:34 HDT 2019
[***] Summary: [***]
5 new Open, 33 new Pro (5 + 28). Atlassian Jira CVE-2019-11581, APT
Sarhurst/Husar/Hussarini/Hassar, Various Phishing.
[+++] Added rules: [+++]
Open:
2027707 - ET TROJAN Possible APT Sarhurst/Husar/Hussarini/Hassar CnC Check Response (trojan.rules)
2027708 - ET TROJAN Possible APT Sarhurst/Husar/Hussarini/Hassar CnC Command Response (trojan.rules)
2027709 - ET TROJAN Possible APT Sarhurst/Husar/Hussarini/Hassar CnC POST (trojan.rules)
2027710 - ET TROJAN Possible APT Sarhurst/Husar/Hussarini/Hassar CnC GET (trojan.rules)
2027711 - ET WEB_SPECIFIC_APPS Atlassian JIRA Template Injection RCE (CVE-2019-11581) (web_specific_apps.rules)
Pro:
2837496 - ETPRO POLICY External IP Address Lookup via uc .cn (policy.rules)
2837497 - ETPRO POLICY Empty User-Agent Header (policy.rules)
2837498 - ETPRO MALWARE Win32/Spddubi Checking in System Information (malware.rules)
2837499 - ETPRO CURRENT_EVENTS Successful Generic Webmail Session Expired Phish 2019-07-15 (current_events.rules)
2837500 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-07-15 (current_events.rules)
2837501 - ETPRO CURRENT_EVENTS Successful Microsoft Account Voicemail Phish 2019-07-15 (current_events.rules)
2837502 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-07-15 (current_events.rules)
2837503 - ETPRO CURRENT_EVENTS Successful Banca Sella Phish 2019-07-15 (current_events.rules)
2837504 - ETPRO CURRENT_EVENTS Successful Generic Mail Error Report Phish 2019-07-15 (current_events.rules)
2837505 - ETPRO CURRENT_EVENTS Successful Banca Sella Phish 2019-07-15 (current_events.rules)
2837506 - ETPRO CURRENT_EVENTS Successful Commonwealth Bank Phish 2019-07-15 (current_events.rules)
2837507 - ETPRO CURRENT_EVENTS Successful Barclays Phish 2019-07-15 (current_events.rules)
2837508 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 1) (trojan.rules)
2837509 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 2) (trojan.rules)
2837510 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 3) (trojan.rules)
2837511 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 4) (trojan.rules)
2837512 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 5) (trojan.rules)
2837513 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 6) (trojan.rules)
2837514 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 7) (trojan.rules)
2837515 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 8) (trojan.rules)
2837516 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 9) (trojan.rules)
2837517 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 10) (trojan.rules)
2837518 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 11) (trojan.rules)
2837519 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-15 12) (trojan.rules)
2837520 - ETPRO CURRENT_EVENTS Successful SF Express Phish 2019-07-15 (current_events.rules)
2837521 - ETPRO CURRENT_EVENTS Successful ASB Phish 2019-07-15 (current_events.rules)
2837522 - ETPRO CURRENT_EVENTS Successful Yahoo Phish 2019-07-15 (current_events.rules)
2837523 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-15 (current_events.rules)
[///] Modified active rules: [///]
2027677 - ET TROJAN Godlua Backdoor Downloading Encrypted Lua (trojan.rules)
2027694 - ET MALWARE Observed OSX/PremierOpinionD Collection Domain in TLS SNI (malware.rules)
2837219 - ETPRO MALWARE InstallPortal Glority User-Agent (malware.rules)
2837434 - ETPRO CURRENT_EVENTS Successful BB&T Phish 2019-07-10 (current_events.rules)