[Emerging-updates] Daily Ruleset Update Summary 2019/03/29

Travis Green tgreen at emergingthreats.net
Fri Mar 29 13:32:49 HDT 2019


[***]            Summary:            [***]

1 new Open, 19 new Pro (1 + 18). Azorult++, Win32/Pterodo.NG, Win32/KlickParty, Various Phishing.


[+++]          Added rules:          [+++]

Open:

2027141 - ET USER_AGENTS PUA Related User-Agent (WINTERNET) (user_agents.rules)

Pro:

2835637 - ETPRO TROJAN Win32/Pterodo.NG Checkin 2 (trojan.rules)
2835638 - ETPRO TROJAN Azorult++ Checkin (trojan.rules)
2835639 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 1) (trojan.rules)
2835640 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 2) (trojan.rules)
2835641 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 3) (trojan.rules)
2835642 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 4) (trojan.rules)
2835643 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline (2019-03-29 5) (trojan.rules)
2835644 - ETPRO CURRENT_EVENTS Successful Office 365 Phish 2019-03-29 (current_events.rules)
2835645 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-29 (current_events.rules)
2835646 - ETPRO CURRENT_EVENTS Successful Adobe PDF Online Phish 2019-03-29 (current_events.rules)
2835647 - ETPRO CURRENT_EVENTS Successful Paypal Phish 2019-03-29 (current_events.rules)
2835648 - ETPRO CURRENT_EVENTS Successful Apple Phish 2019-03-29 (current_events.rules)
2835649 - ETPRO CURRENT_EVENTS Successful Gmail Phish 2019-03-29 (current_events.rules)
2835650 - ETPRO CURRENT_EVENTS Successful Paypal FR Phish 2019-03-29 (current_events.rules)
2835651 - ETPRO MALWARE ElementsBrowser PUA Checkin (malware.rules)
2835652 - ETPRO TROJAN MSIL/Agent.BTQ Stealer CnC Checkin (trojan.rules)
2835653 - ETPRO TROJAN Win32/KlickParty Stealer CnC Checkin (trojan.rules)
2835654 - ETPRO TROJAN Win32/KlickParty Stealer Sending Screenshot to CnC (trojan.rules)


[///]     Modified active rules:     [///]

2027117 - ET TROJAN Suspicious POST with Common Windows Process Names - Possible Process List Exfiltration (trojan.rules)
2835541 - ETPRO TROJAN ChaseBot CnC Response (trojan.rules)
2835618 - ETPRO TROJAN APT28 Zebrocy/Zekapab POST Template Structure (trojan.rules)


-- 
PGP:
travisgreen.net/tgreen at emergingthreats.net.asc
travisgreen.net/travis at travisgreen.net.asc

