[Emerging-updates] Daily Ruleset Update Summary 2019/03/12
James Emery-Callcott
jcallcott at emergingthreats.net
Tue Mar 12 13:05:01 HDT 2019
[***] Summary: [***]
1 new Open, 33 new Pro (1 + 32). Android.Asacub.z, Various SSL/TLS,
Various Phish.
[+++] Added rules: [+++]
Open:
2027076 - ET INFO Wget Request for Executable (info.rules)
Pro:
2835287 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 14 (mobile_malware.rules)
2835288 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 15 (mobile_malware.rules)
2835289 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 16 (mobile_malware.rules)
2835290 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 17 (mobile_malware.rules)
2835291 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 18 (mobile_malware.rules)
2835292 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 19 (mobile_malware.rules)
2835293 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 20 (mobile_malware.rules)
2835294 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 21 (mobile_malware.rules)
2835295 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 22 (mobile_malware.rules)
2835296 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 23 (mobile_malware.rules)
2835297 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 24 (mobile_malware.rules)
2835298 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Asacub.z Checkin 25 (mobile_malware.rules)
2835299 - ETPRO TROJAN SCBP Stealer Harvesting Passwords (trojan.rules)
2835300 - ETPRO MALWARE Suspicious/Unknown Hacktool Activity (malware.rules)
2835301 - ETPRO MALWARE InstaReger Hacktool Activity (malware.rules)
2835302 - ETPRO TROJAN Observed Malicious SSL Cert (Ursnif CnC) (trojan.rules)
2835303 - ETPRO CURRENT_EVENTS Observed MalDoc DL 2018-03-12 Domain (homesmebel .com in TLS SNI) (current_events.rules)
2835304 - ETPRO TROJAN Observed Malicious SSL Cert (Fallout EK) (trojan.rules)
2835305 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-12 (current_events.rules)
2835306 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-12 (current_events.rules)
2835307 - ETPRO CURRENT_EVENTS Successful Docusign Phish 2019-03-12 (current_events.rules)
2835308 - ETPRO CURRENT_EVENTS Successful Adobe Phish 2019-03-12 (current_events.rules)
2835309 - ETPRO CURRENT_EVENTS Successful Generic Personalized Phish 2019-03-12 (current_events.rules)
2835310 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-12 (current_events.rules)
2835311 - ETPRO CURRENT_EVENTS Successful American Express Phish 2019-03-12 (current_events.rules)
2835312 - ETPRO CURRENT_EVENTS Successful Generic Phish 2019-03-12 (current_events.rules)
2835313 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-12 (current_events.rules)
2835314 - ETPRO CURRENT_EVENTS Successful Mweb Phish 2019-03-12 (current_events.rules)
2835315 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-12 (current_events.rules)
2835316 - ETPRO CURRENT_EVENTS Successful Paypal Bank Phish 2019-03-12 (current_events.rules)
2835317 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-12 (current_events.rules)
2835318 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-03-12 (current_events.rules)
[///] Modified active rules: [///]
2014726 - ET POLICY Outdated Flash Version M1 (policy.rules)
2024379 - ET POLICY Outdated Flash Version M2 (policy.rules)
2025903 - ET MOBILE_MALWARE iOS/Bahamut DNS Lookup 13 (mobile_malware.rules)
2827268 - ETPRO TROJAN Donoff .onion Proxy Domain DNS Lookup (trojan.rules)
---------------------------------------
James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team