[Emerging-updates] Daily Ruleset Update Summary 2019/07/18

Brandon Murphy bmurphy at emergingthreats.net
Thu Jul 18 12:40:45 HDT 2019


[***]            Summary:            [***]

5 new Open, 21 new Pro (5 + 16). Palo Alto SSL VPN, Gamaredon, Various
Phishing.

 [+++]          Added rules:          [+++]

 Open:

  2027723 - ET EXPLOIT Possible Palo Alto SSL VPN sslmgr Format String
Vulnerability (Inbound) (exploit.rules)
  2027724 - ET TROJAN Gamaredon CnC Domain in DNS Lookup (trojan.rules)
  2027725 - ET TROJAN Gamaredon CnC Domain in DNS Lookup (trojan.rules)
  2027726 - ET TROJAN Gamaredon CnC Domain in DNS Lookup (trojan.rules)
  2027727 - ET TROJAN Gamaredon CnC Domain in DNS Lookup (trojan.rules)

 Pro:

  2837574 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL
2019-07-18) (current_events.rules)
  2837575 - ETPRO TROJAN Win32/CNMiner CnC Checkin (trojan.rules)
  2837576 - ETPRO CURRENT_EVENTS Successful Shaw Webmail Phish 2019-07-18
(current_events.rules)
  2837577 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-18 (current_events.rules)
  2837578 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-18 (current_events.rules)
  2837579 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-18
(current_events.rules)
  2837580 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-07-18 (current_events.rules)
  2837588 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-18 1) (trojan.rules)
  2837589 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-18 2) (trojan.rules)
  2837590 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-18 3) (trojan.rules)
  2837591 - ETPRO CURRENT_EVENTS Successful Global Sources Phish 2019-07-18
(current_events.rules)
  2837592 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-07-18 (current_events.rules)
  2837593 - ETPRO CURRENT_EVENTS Successful IRS Phish 2019-07-18
(current_events.rules)
  2837594 - ETPRO CURRENT_EVENTS Successful Santander Phish 2019-07-18
(current_events.rules)
  2837595 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-07-18
(current_events.rules)
  2837596 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-07-18
(current_events.rules)


 [---]         Disabled rules:        [---]

  2828060 - ETPRO TROJAN W32/Emotet.v4 Checkin Fake 404 Payload Response
(trojan.rules)