[Emerging-updates] Daily Ruleset Update Summary 2019/03/08

Jack Mott jmott at emergingthreats.net
Fri Mar 8 13:43:37 HST 2019


[***]            Summary:            [***]

30 new Pro. Various CoinMiners, MalDocs, Win32/WarZ njRAT, Various SSL, Various Phishing.

TIIF

[+++]          Added rules:          [+++]

Pro:

  2835241 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 1) (trojan.rules)
  2835242 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 2) (trojan.rules)
  2835243 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 3) (trojan.rules)
  2835244 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 4) (trojan.rules)
  2835245 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 5) (trojan.rules)
  2835246 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 6) (trojan.rules)
  2835247 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 7) (trojan.rules)
  2835248 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 8) (trojan.rules)
  2835249 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 9) (trojan.rules)
  2835250 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 10) (trojan.rules)
  2835251 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 11) (trojan.rules)
  2835252 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 12) (trojan.rules)
  2835253 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 13) (trojan.rules)
  2835254 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-08 14) (trojan.rules)
  2835255 - ETPRO CURRENT_EVENTS Possible MalDoc DL 2019-03-08 (current_events.rules)
  2835256 - ETPRO CURRENT_EVENTS Successful Netflix Phish 2019-03-08 (current_events.rules)
  2835257 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-03-08 (current_events.rules)
  2835258 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-03-08 (current_events.rules)
  2835259 - ETPRO CURRENT_EVENTS Successful UPS Phish 2019-03-08 (current_events.rules)
  2835260 - ETPRO CURRENT_EVENTS Successful Banco do Brasil Phish 2019-03-08 (current_events.rules)
  2835261 - ETPRO CURRENT_EVENTS Successful Credit Card Information Phish 2019-03-08 (current_events.rules)
  2835262 - ETPRO CURRENT_EVENTS Successful Natwest Phish 2019-03-08 (current_events.rules)
  2835263 - ETPRO CURRENT_EVENTS Successful Facebook Phish 2019-03-08 (current_events.rules)
  2835264 - ETPRO CURRENT_EVENTS Successful Payu Phish 2019-03-08 (current_events.rules)
  2835265 - ETPRO MOBILE_MALWARE DonotGroup Android CnC DNS Query (mobile_malware.rules)
  2835266 - ETPRO MOBILE_MALWARE Observed Malicious SSL Cert (DonotGroup Android CnC) (mobile_malware.rules)
  2835267 - ETPRO TROJAN Observed Malicious SSL Cert (PowerEnum CnC) (trojan.rules)
  2835268 - ETPRO TROJAN Observed Malicious SSL Cert (BrushaLoader CnC) (trojan.rules)
  2835269 - ETPRO POLICY Observed External IP Lookup SSL Cert (policy.rules)
  2835270 - ETPRO TROJAN Win32/WarZ njRAT Loader Requesting Encrypted VBS (trojan.rules)

[///]     Modified active rules:     [///]

  2012390 - ET P2P Libtorrent User-Agent (p2p.rules)
  2014170 - ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related (policy.rules)
  2018427 - ET TROJAN Netwire RAT Check-in (trojan.rules)
  2025627 - ET INFO [eSentire] Possible Kali Linux Updates (info.rules)