[Emerging-updates] Daily Ruleset Update Summary 2019/07/17

Brandon Murphy bmurphy at emergingthreats.net
Wed Jul 17 13:42:48 HDT 2019


[***]            Summary:            [***]

10 new Open, 32 new Pro (10 + 22). StrongPity, ServHelper, Alpha Keylogger,
CVE-2019-0725, Ursnif, Various Phish.

Thanks @alienvault

 [+++]          Added rules:          [+++]

 Open:

  2027713 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027714 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027715 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027716 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027717 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027718 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027719 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027720 - ET TROJAN SSL/TLS Certificate Observed (StrongPity) (trojan.rules)
  2027721 - ET EXPLOIT Possible IE Scripting Engine Memory Corruption Vulnerability (CVE-2019-0752) (exploit.rules)
  2027722 - ET TROJAN SLUB Domain in DNS Lookup (trojan.rules)

 Pro:

  2837552 - ETPRO TROJAN MalDoc Requesting Payload 2019-07-17 (trojan.rules)
  2837553 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
  2837554 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-17 1) (trojan.rules)
  2837555 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-17 2) (trojan.rules)
  2837556 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-17 3) (trojan.rules)
  2837557 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-17 4) (trojan.rules)
  2837558 - ETPRO CURRENT_EVENTS Successful Local Bitcoins Phish 2019-07-17 (current_events.rules)
  2837559 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-07-17 (current_events.rules)
  2837560 - ETPRO CURRENT_EVENTS Successful DHL Phish 2019-07-17 (current_events.rules)
  2837561 - ETPRO CURRENT_EVENTS Successful Banco Bradesco Phish 2019-07-17 (current_events.rules)
  2837562 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-07-17 (current_events.rules)
  2837563 - ETPRO CURRENT_EVENTS Successful Telekom / Tmobile Phish 2019-07-17 (current_events.rules)
  2837564 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-17 (current_events.rules)
  2837565 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-07-17 (current_events.rules)
  2837566 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-17 (current_events.rules)
  2837567 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-17 (current_events.rules)
  2837568 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-17 (current_events.rules)
  2837569 - ETPRO CURRENT_EVENTS Successful mBank Phish 2019-07-17 (current_events.rules)
  2837570 - ETPRO CURRENT_EVENTS Successful Scotiabank Phish 2019-07-17 (current_events.rules)
  2837571 - ETPRO TROJAN Alpha Keylogger CnC Request via Telegram API (trojan.rules)
  2837572 - ETPRO TROJAN Alpha Keylogger CnC Response via Telegram API (trojan.rules)
  2837573 - ETPRO TROJAN ServHelper CnC Inital Checkin (trojan.rules)


 [///]     Modified active rules:     [///]

  2807970 - ETPRO TROJAN Win32/Neurevt.A/Betabot Checkin 3 (trojan.rules)