[Emerging-updates] Daily Ruleset Update Summary 2019/03/19

Jason Williams jwilliams at emergingthreats.net
Tue Mar 19 13:49:08 HDT 2019 

[***]            Summary:            [***]

6 new Open, 26 new Pro (6 + 20). Router Vulns, Cobalt Strike CnC,
Coinminers, Various Phish.

 [+++]          Added rules:          [+++]

Open:

  2027096 - ET WEB_SPECIFIC_APPS Rails Arbitrary File Disclosure Attempt
(web_specific_apps.rules)
  2027097 - ET EXPLOIT Possible Linksys WRT100/110 RCE Attempt
(CVE-2013-3568) (exploit.rules)
  2027098 - ET EXPLOIT Possible ZTE ZXV10 H108L Router Root RCE Attempt
(exploit.rules)
  2027099 - ET EXPLOIT Possible Linksys E1500/E2500 apply.cgi RCE Attempt
(exploit.rules)
  2027100 - ET TROJAN Unk/JS.Downloader CnC Checkin (trojan.rules)
  2027101 - ET TROJAN Observed Malicious SSL Cert (Gootkit CnC)
(trojan.rules)

Pro:

  2835436 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-03-19 1) (trojan.rules)
  2835437 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-03-19 2) (trojan.rules)
  2835438 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-03-19 3) (trojan.rules)
  2835439 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-03-19 4) (trojan.rules)
  2835440 - ETPRO TROJAN Observed Cobalt Strike CnC Domain (omnibelts
.appspot .com in TLS SNI) (trojan.rules)
  2835441 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-03-19 (current_events.rules)
  2835442 - ETPRO CURRENT_EVENTS Successful Sky Phish 2019-03-19
(current_events.rules)
  2835443 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-03-19
(current_events.rules)
  2835444 - ETPRO CURRENT_EVENTS Successful SunTrust Phish 2019-03-19
(current_events.rules)
  2835445 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-19
(current_events.rules)
  2835446 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-03-19 (current_events.rules)
  2835447 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-03-19
(current_events.rules)
  2835448 - ETPRO CURRENT_EVENTS Successful AT&T Phish 2019-03-19
(current_events.rules)
  2835449 - ETPRO CURRENT_EVENTS Successful Linkedin Phish 2019-03-19
(current_events.rules)
  2835450 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-19
(current_events.rules)
  2835451 - ETPRO CURRENT_EVENTS Successful BBVA Phish 2019-03-19
(current_events.rules)
  2835452 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-03-19 (current_events.rules)
  2835453 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-03-19 (current_events.rules)
  2835454 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-03-19 (current_events.rules)
  2835455 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-03-19 (current_events.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20190319/997bf4c9/attachment.html>

More information about the Emerging-updates mailing list