[Emerging-updates] Daily Ruleset Update Summary 2019/11/04

Jason Williams jwilliams at emergingthreats.net
Mon Nov 4 12:58:23 HST 2019


[***]            Summary:            [***]

  4 new Open, 47 new Pro (4 + 43). rConfig RCE, Darkhotel Downloaders,
Various Coinminers, VARIOUS Phish.

  Suricata 5.0 Support blog:
https://www.proofpoint.com/us/corporate-blog/post/emerging-threats-announcing-support-suricata-50
  Suricata 2/3 EOL information:
https://lists.emergingthreats.net/pipermail/emerging-updates/2019-October/004655.html

  Please share issues, feedback, and requests at
https://feedback.emergingthreats.net/feedback

 [+++]          Added rules:          [+++]

 Open:

  2028933 - ET EXPLOIT Possible rConfig 3.9.2 Remote Code Execution PoC
(CVE-2019-16662) (exploit.rules)
  2028934 - ET TROJAN Possible Darkhotel Higasia Downloader Requesting
Module (trojan.rules)
  2028935 - ET TROJAN Possible Darkhotel Higasia Downloader Connectivity
Check (trojan.rules)
  2028936 - ET TROJAN Possible Darkhotel Higasia Downloader Checkin
(trojan.rules)

 Pro:

  2839181 - ETPRO CURRENT_EVENTS Successful Netease 163 Webmail Phish
2019-11-04 (current_events.rules)
  2839182 - ETPRO CURRENT_EVENTS Successful Office 365 Message Center Phish
2019-11-04 (current_events.rules)
  2839183 - ETPRO CURRENT_EVENTS Successful Bank of America Phish
2019-11-04 (current_events.rules)
  2839184 - ETPRO CURRENT_EVENTS Successful IRS Phish 2019-11-04
(current_events.rules)
  2839185 - ETPRO CURRENT_EVENTS Successful WeTransfer Phish 2019-11-04
(current_events.rules)
  2839186 - ETPRO CURRENT_EVENTS Successful Generic Email Validation Phish
2019-11-04 (current_events.rules)
  2839187 - ETPRO CURRENT_EVENTS Successful Generic Email Verification
Phish 2019-11-04 (current_events.rules)
  2839188 - ETPRO CURRENT_EVENTS Successful Swisscom Phish 2019-11-04
(current_events.rules)
  2839189 - ETPRO CURRENT_EVENTS Successful Microsoft Account Phish
2019-11-04 (current_events.rules)
  2839190 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839191 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839192 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839193 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839194 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839195 - ETPRO CURRENT_EVENTS Successful M&T Bank Phish 2019-11-04
(current_events.rules)
  2839196 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839197 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839198 - ETPRO CURRENT_EVENTS Successful Gov UK Vehicle Tax Phish
2019-11-04 (current_events.rules)
  2839199 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839200 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839201 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839202 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839203 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839204 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839205 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839206 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839207 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839208 - ETPRO CURRENT_EVENTS Successful Mastercard Phish 2019-11-04
(current_events.rules)
  2839209 - ETPRO CURRENT_EVENTS Successful Banco Itau Phish 2019-11-04
(current_events.rules)
  2839210 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839211 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839212 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839213 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839214 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839215 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839216 - ETPRO CURRENT_EVENTS Successful Generic Credit Card Information
Phish 2019-11-04 (current_events.rules)
  2839217 - ETPRO CURRENT_EVENTS Successful ADP Phish 2019-11-04
(current_events.rules)
  2839218 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-11-04
(current_events.rules)
  2839219 - ETPRO CURRENT_EVENTS Successful Chase Phish 2019-11-04
(current_events.rules)
  2839220 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-04 1) (trojan.rules)
  2839221 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-04 2) (trojan.rules)
  2839222 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-04 3) (trojan.rules)
  2839223 - ETPRO TROJAN CoinMiner Known Malicious Stratum Authline
(2019-11-04 4) (trojan.rules)

 [///]     Modified active rules:     [///]

  2835637 - ETPRO TROJAN Win32/Pterodo.NG Checkin 2 (trojan.rules)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20191104/b5b221ec/attachment.html>


More information about the Emerging-updates mailing list