[Emerging-updates] Daily Ruleset Update Summary 2019/03/11
James Emery-Callcott
jcallcott at emergingthreats.net
Mon Mar 11 13:47:53 HDT 2019
[***] Summary: [***]
7 new Open, 23 new Pro (7 + 16). CVE-2018-8174 B64, Spelevo EK, Various Phish.
TIIM
[+++] Added rules: [+++]
Open:
2027069 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M1 (exploit.rules)
2027070 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M2 (exploit.rules)
2027071 - ET EXPLOIT CVE-2018-8174 Common Construct B64 M3 (exploit.rules)
2027072 - ET CURRENT_EVENTS Spelevo EK Landing M1 (current_events.rules)
2027073 - ET CURRENT_EVENTS Spelevo EK Landing M2 (current_events.rules)
2027074 - ET CURRENT_EVENTS Spelevo EK Landing M3 (current_events.rules)
2027075 - ET CURRENT_EVENTS Spelevo EK Post-Compromise Data Dump (current_events.rules)
Pro:
2835271 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 11 (mobile_malware.rules)
2835272 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 12 (mobile_malware.rules)
2835273 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 13 (mobile_malware.rules)
2835274 - ETPRO CURRENT_EVENTS Observed Malicious SSL Cert (MalDoc DL 2018-03-11) (current_events.rules)
2835275 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-03-11 (current_events.rules)
2835276 - ETPRO CURRENT_EVENTS Successful OneDrive Phish 2019-03-11 (current_events.rules)
2835277 - ETPRO CURRENT_EVENTS Successful Generic Personalized Phish 2019-03-11 (current_events.rules)
2835278 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-03-11 (current_events.rules)
2835279 - ETPRO CURRENT_EVENTS Successful Generic Encrypted Message Phish 2019-03-11 (current_events.rules)
2835280 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish 2019-03-11 (current_events.rules)
2835281 - ETPRO CURRENT_EVENTS Successful Cox Phish 2019-03-11 (current_events.rules)
2835282 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-11 (current_events.rules)
2835283 - ETPRO CURRENT_EVENTS Successful Paypal FR Phish 2019-03-11 (current_events.rules)
2835284 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-11 (current_events.rules)
2835285 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-11 (current_events.rules)
2835286 - ETPRO TROJAN Observed Malicious SSL Cert (FIN7 GRIFFON CnC) (trojan.rules)
[///] Modified active rules: [///]
2012390 - ET P2P Libtorrent User-Agent (p2p.rules)
2014170 - ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related (policy.rules)
2025627 - ET INFO [eSentire] Possible Kali Linux Updates (info.rules)
---------------------------------------
James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team