[Emerging-updates] Daily Ruleset Update Summary 2019/03/13

James Emery-Callcott jcallcott at emergingthreats.net
Wed Mar 13 14:14:04 HDT 2019


[***]            Summary:            [***]

  6 new Open, 18 new Pro (6 + 12). Retadup, Various SSL/TLS, Various Phish.

[+++]          Added rules:          [+++]

Open:

  2027077 - ET TROJAN Win32/Retadup CnC Checkin M1 (trojan.rules)
  2027078 - ET TROJAN Win32/Retadup CnC Checkin M2 (trojan.rules)
  2027079 - ET TROJAN Win32/Retadup Success Response from CnC (trojan.rules)
  2027080 - ET TROJAN Win32/PirateMatryoshka CnC DNS Query (trojan.rules)
  2027081 - ET CURRENT_EVENTS PirateBay Phish - Possibly PirateMatryoshka Related (current_events.rules)
  2027082 - ET TROJAN Observed Malicious SSL Cert (CobaltStrike CnC) (trojan.rules)

Pro:

  2835319 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-13 (current_events.rules)
  2835320 - ETPRO CURRENT_EVENTS Successful CIBC Phish 2019-03-13 (current_events.rules)
  2835321 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information Phish 2019-03-13 (current_events.rules)
  2835322 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-13 (current_events.rules)
  2835323 - ETPRO CURRENT_EVENTS Successful Wells Fargo Phish 2019-03-13 (current_events.rules)
  2835324 - ETPRO TROJAN Observed Malicious SSL Cert (PoshAdvisor CnC) (trojan.rules)
  2835325 - ETPRO TROJAN Win32/VJadtre.3 CnC Checkin (trojan.rules)
  2835326 - ETPRO MALWARE Observed PUA SSL Cert (Auslogics) (malware.rules)
  2835327 - ETPRO TROJAN Win32/Phorpiex Clean-up Binary Inbound (trojan.rules)
  2835328 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi CnC) (trojan.rules)
  2835329 - ETPRO TROJAN Observed Malicious SSL Cert (Gozi CnC) (trojan.rules)
  2835330 - ETPRO TROJAN Observed Malicious SSL Cert (IcedID CnC) (trojan.rules)


---------------------------------------

James Emery-Callcott
Security Researcher | ProofPoint Inc | Emerging Threats Team