[Emerging-updates] Daily Ruleset Update Summary 2019/07/26
Jason Williams
jwilliams at emergingthreats.net
Fri Jul 26 13:48:07 HDT 2019
[***] Summary: [***]
6 new Open, 29 new Pro (6 + 23). Ursnif Certs, MyDisksu CnC, Various
Coinminers, Various Phish.
Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback
[+++] Added rules: [+++]
Open:
2027757 - ET DNS Query for .to TLD (dns.rules)
2027758 - ET DNS Query for .cc TLD (dns.rules)
2027759 - ET DNS Query for .co TLD (dns.rules)
2027760 - ET POLICY SSL/TLS Certificate Observed (Commercial Proxy
Provider geosurf .io) (policy.rules)
2027761 - ET POLICY SSL/TLS Certificate Observed (AnyDesk Remote Desktop
Software) (policy.rules)
2027762 - ET USER_AGENTS AnyDesk Remote Desktop Software User-Agent
(user_agents.rules)
Pro:
2837709 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-07-26
(current_events.rules)
2837710 - ETPRO CURRENT_EVENTS Successful Excel Online Phish 2019-07-26
(current_events.rules)
2837711 - ETPRO CURRENT_EVENTS Successful Suncoast Credit Union Phish
2019-07-26 (current_events.rules)
2837712 - ETPRO CURRENT_EVENTS Successful Instagram Phish 2019-07-26
(current_events.rules)
2837713 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-07-26 (current_events.rules)
2837714 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837715 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837716 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837717 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-07-26 (current_events.rules)
2837718 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837719 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-26
(current_events.rules)
2837720 - ETPRO CURRENT_EVENTS Successful Banco de Chile Phish 2019-07-26
(current_events.rules)
2837721 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837722 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837723 - ETPRO CURRENT_EVENTS Successful ING Phish 2019-07-26
(current_events.rules)
2837724 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-26 1) (trojan.rules)
2837725 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-07-26 2) (trojan.rules)
2837727 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Worker CnC)
(trojan.rules)
2837728 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC)
(trojan.rules)
2837729 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC)
(trojan.rules)
2837730 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif Loader CnC)
(trojan.rules)
2837731 - ETPRO MALWARE Win32/Softcnapp.AQ CnC Activity (malware.rules)
2837732 - ETPRO MALWARE Win32/Adware.MyDiskSu CnC Acitivty (malware.rules)
[///] Modified active rules: [///]
2027339 - ET EXPLOIT Realtek SDK Miniigd UPnP SOAP Command Execution
CVE-2014-8361 - Outbound (exploit.rules)