[Emerging-updates] Daily Ruleset Update Summary 2019/07/30

Jason Williams jwilliams at emergingthreats.net
Tue Jul 30 13:59:41 HDT 2019


[***]            Summary:            [***]

  21 new Pro. KPOT, BeamHTTP, Remcos, Ursnif, Various Phish.

  Please share issues, feedback, and requests at https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Pro:

  2837752 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
  2837753 - ETPRO TROJAN KPOT Stealer Exfiltration M3 (trojan.rules)
  2837754 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
  2837755 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
  2837764 - ETPRO TROJAN Win32/BeamHTTP Loader Activity (trojan.rules)
  2837765 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 1) (trojan.rules)
  2837766 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-07-30 2) (trojan.rules)
  2837767 - ETPRO CURRENT_EVENTS Successful Generic Compromised Wordpress Phish 2019-07-30 (current_events.rules)
  2837768 - ETPRO CURRENT_EVENTS Successful myGov Phish 2019-07-30 (current_events.rules)
  2837769 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-07-30 (current_events.rules)
  2837770 - ETPRO CURRENT_EVENTS Successful Bank of America Phish 2019-07-30 (current_events.rules)
  2837771 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-07-30 (current_events.rules)
  2837772 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-07-30 (current_events.rules)
  2837773 - ETPRO CURRENT_EVENTS Successful Facebook Video Phish 2019-07-30 (current_events.rules)
  2837774 - ETPRO POLICY Inbound Batch Script Enumerating OS Version (policy.rules)
  2837775 - ETPRO TROJAN Win32/Remcos RAT Checkin 115 (trojan.rules)
  2837776 - ETPRO TROJAN Win32/Remcos RAT Checkin 114 (trojan.rules)
  2837777 - ETPRO TROJAN Win32/Remcos RAT Checkin 113 (trojan.rules)
  2837778 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
  2837779 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
  2837780 - ETPRO TROJAN Win32/HLLP.Shodi.I External IP Lookup (trojan.rules)

 [///]     Modified active rules:     [///]

  2027761 - ET POLICY SSL/TLS Certificate Observed (AnyDesk Remote Desktop Software) (policy.rules)